Florida put a tough new cyber-breach notification law into effect at the start of the month, replacing its older statute with more stringent demands upon any company that so much as interacts with consumers there.
The state is hardly alone. Lacking a comprehensive federal law to guide the notification process, 47 states, the District of Columbia, Guan, Puerto Rico, and the Virgin Islands each have their own rules on what companies must do when customer data is stolen or mishandled, many of them unique.
