The State Security Breach Laws were enacted to protect the confidential personal information of consumers. The laws require that an individual or a commercial entity that conducts business in Minnesota and that owns or licenses computerized data that includes personal information about a resident of Minnesota becomes aware of a breach of the security of their computer system, the business or entity should conduct a prompt investigation to determine if personal information has been compromised and assess the risk of misuse. The law also requires the individual or the commercial entity provide notice as soon as possible to the affected Minnesota resident unless the investigation determines that the misuse of information about a Minnesota resident has not occurred and is not reasonably likely to occur.
The laws require notice to be made in good faith, in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement and with any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the computerized data system. Visit the links below for direct access to the state Web site and security breach legislation.