Rapid7 Compliance Brief: State Personal Data Security Laws

Most US states have laws that require companies to secure customers’ personal information. As data breaches and online fraud continue to plague businesses and consumers throughout the globe, states are adopting increasingly stringent measures for sensitive data. Dozens of state-specific laws can also mean potential confusion for companies with customers or operations across state borders.

Rapid7 solutions can help you navigate this regulatory red tape, particularly in states more heavily regulated, such as California, Florida, Massachusetts, and New York. Many states have similar laws, but have variations on the required security safeguards and how the laws are enforced. This compliance guide can help you better identify:

• Commonalities among states’ security requirements for consumer personal information and how states require security beyond their borders

• How Rapid7 solutions can help organizations maintain a security program and meet required safeguards to protect personal information from unauthorized access and disclosure

• Solutions to manage risks to cyber assets, detect and report breaches and incidents, and test security effectiveness across multiple states and regions