To help businesses and IT pros navigate the compliance landscape and develop secure and functional infrastructures for data storage and protection, Imation created a Compliance Heat Map to depict the strictness of data breach laws and resulting penalties for breaches by state. Based on first-hand experience working with companies that face compliance challenges, Imation evaluated laws on record at the state level in the 50 United States, the District of Columbia, Puerto Rico and the U.S. Virgin Islands, and reviewed publicly available analyses created by other companies to develop the Compliance Heat Map. The map graphic contains a grid that depicts each state’s compliance score and a color scale – which ranges from light yellow to dark red – to denote the strictness of each state’s compliance laws and regulations.
Compliance Heat Map Methodology
To conduct the research, Imation applied to the laws a series of questions, organized to evaluate the laws’ requirements regarding encryption, data that is within scope of the laws, notification of data loss, and destruction of data, as well as penalties for non-compliance with the laws. Imation also considered other germane laws, such as those dictating data destruction or allowing for consumer freezing of credit report requests. Imation used publicly available information about the laws, including the legislation itself.
Imation does not intend for this research to constitute a legal review of the laws, and in no way are the results of this research intended to be legal advice. Companies should consult with their legal counsel before making any decisions regarding legal compliance.
Download the full Compliance Heat Map for additional information.