Breach Notification

Summary

Breach Notice to Individuals Affected by Data Breach
Governmental entities are required to provide notice to an individual or the legal guardian of an individual, if the individual’s personal data is affected by a data breach in accordance with Utah Code § 63A-19-406. Governmental entities that are currently subject to breach notification requirements, such as those required for compliance with federal regulations, laws or other governing requirements (HIPAA, 42 CFR Part 2, PCI, etc..) are currently required to create and maintain their own entity specific breach notification policies and procedures that meet the requirements of the applicable regulations.