Complete Story


Connecticut Tightens its Data Breach Notification Laws

Data Protection Report

Effective October 1, 2021, an amendment[1] to the Connecticut General Statute concerning data privacy breaches, Section 36a-701b, will impact notification obligations in several significant ways. The amendment:

  • Expands the definition of “personal information”;
  • Shortens the notification deadline after discovery of a breach from 90 to 60 days;
  • Removes the requirement to consult with law enforcement as part of a risk assessment;
  • Deems compliant any person subject to and in compliance with HIPAA and HITECH; and
  • Provides certain exemptions from public disclosure for materials provided to the state in response to an investigation of a breach of security.


Printer-Friendly Version



The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.

more information


Your electronic library to help in fighting financial fraud for all of our partners.

more information