US Lawyer Database

For Lawyer-Seekers

YOU DESERVE THE BEST LAWYER

(a) Qualified cybersecurity incidents shall be reported to the Cybersecurity Office before any citizen notification, but no later than 10 days following a determination that the entity experienced a qualifying cybersecurity incident.

(b) A qualified cybersecurity incident meets at least one of the following criteria:

(1) State or federal law requires the reporting of the incident to regulatory or law- enforcement agencies or affected citizens;