Minnesota Data Breach Notification
Minnesota HF 2121 of 2006 requires that any person or business that conducts business in this state, and that owns or licenses data that includes personal information, shall disclose any breach of the security of the system, following discovery or notification of the breach in the security of the data, to any resident of this state whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. The disclosure must be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in paragraph (c), or with any measures necessary to determine the scope of the breach, identify the individuals affected, and restore the reasonable integrity of the data system. The policy detects combinations of Personally Identifiable Information (PII) like social security, credit card, and driver’s license numbers. The rules for this policy are:
- Minnesota Data Breach Notification: Name with CCN
- Minnesota Data Breach Notification: Name with Minnesota driver license
- Minnesota Data Breach Notification: Name with SSN
- Minnesota Data Breach Notification: SSN with CCN
- Minnesota Data Breach Notification: SSN with DNA profile
- Minnesota Data Breach Notification: SSN with MN driver license