Missouri
Privacy Laws
Overview
BREACH NOTIFICATION – Mandated Timeframe
Without unreasonable delay
FINES & PENALTIES – Violations
Up to $150,000 per breach
Regulation Levels
-
Breach Reporting
-
Consumer Notification
-
Vendor Management
-
Vendor Contract Required
PRIVACY AND SECURITY LAWS
Laws related to personal information and privacy and security.
Breach Reporting
Required
Vendor Obligations
Required
Consumer Notification
Required
Vendor Contracts
Not Required
Vendor Notification
Required
Privacy Program
Not Required
QUICK FACTS
Missouri Privacy Law Information
At the same time as consumer notification, breach reporting must be made to the Attorney General’s Consumer Protection Office. Notifying the Commissioner of Insurance is required in some cases involving insurance-related breaches. There are specific considerations when determining if a breach is reportable. If more than 1,000 residents are required to receive breach notifications. The incident must also be reported to the Attorney General and all consumer reporting agencies with specific information. Vendors must notify Organizations upon discovery of a breach or suspected breach. the Organization is responsible for submitting any required regulatory reporting and consumer notifications.
If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.
Organizations may be fined or penalized for Vendor violations. The Attorney General may bring actions against violators with civil penalties up to $150,000 per incident, or a series of incidents discovered within the same investigation of a breach.
Missouri Statutes and Laws
Statewide longitudinal data system, regulation on student data accessibility, transparency, and accountability required – regulation requirements – data not to be reported – rulemaking authority – violation, penalty – attorney general to enforce
Citation of law
Social security number, prohibited actions involving
Definitions; Notice to consumer for breach of security; procedure-attorney general may bring action for damages
Tampering with computer data; penalties
DISCLAIMER
The information provided is not legal guidance or recommendations and are for informational purposes only.