Lexology
Like most U.S. states, Maine has a statute that requires investigations and sometimes notice to third parties after data breaches. The statute—the Notice of Risk to Personal Data Act—took effect in 2005. This article summarizes the law.
Overview and Important Definitions
Maine’s Notice of Risk to Personal Data Act is codified at §1346 et seq. of Chapter 210-B of Part 3 of Title 10 of the M.R.S. The statute applies to any company or person who maintains various categories of personal information.
Key defined terms in the Notice of Risk to Personal Data Act include:
Person means any individual, business entity, and Maine state government agency, among others.
Unauthorized Person means a person who lacks another person’s permission to access personal information maintained by tha
America News
Reuters US Domestic
Associated Press US News
Raw Story
KLCC
CNN Politics
NBC News Crime
Associated Press Elections
Reuters US Economy
Seeking Alpha Stock