West Virginia
Privacy Laws
Overview
BREACH NOTIFICATION – Mandated Timeframe
Without unreasonable delay
FINES & PENALTIES – Violations
Up to $150,000 per breach
Regulation Levels
-
Breach Reporting
-
Consumer Notification
-
Vendor Management
-
Vendor Contract Required
PRIVACY AND SECURITY LAWS
Laws related to personal information and privacy and security.
Breach Reporting
Required
Vendor Obligations
Required
Consumer Notification
Required
Vendor Contracts
Not Required
Vendor Notification
Required
Privacy Program
Not Required
QUICK FACTS
West Virginia Privacy Law Information
Breach reporting to all consumer reporting agencies that compile and maintain files on a nationwide basis is required if more than 1,000 persons are affected by a breach of security, without unreasonable delay. The Organization will be responsible to complete any required regulatory reporting and consumer notification.
There is specifically defined information that must be included in the consumer notification. If any state residents are affected by a breach of security, the breached Organization must give notice without delay to each individual affected by the breach.
Vendors must notify Organizations as soon as possible after the discovery of a breach or suspected breach.
There are industry-specific laws governing the protection of personal data for health, insurance, and education.
The Attorney General may bring an action to enforce repeated and willful violations of the breach requirements, with civil penalties assessed up to $150,000. Violations of the breach notification requirements constitute an unfair or deceptive act or practice.
West Virginia Statutes and Laws
West Virginia health information network/privacy; protection of information
Student data accessibility, transparency and accountability act
Insurance/disclosure of non-public personal information
Breach of security of consumer information
DISCLAIMER
The information provided is not legal guidance or recommendations and are for informational purposes only.