Mississippi’s data breach law, enacted in 2010, comes into effect today (July 1, 2011), and brings to 46 the number of U.S. states that have data breach notification laws in effect. The District of Columbia, Puerto Rico and the U.S. Virgin Islands also have such laws. The only states that remain without data breach notification laws are Alabama, Kentucky, New Mexico and South Dakota.
Mississippi’s statute on the matter is similar to that of most of the other states that address data breaches. Notification is required if there is a covered data breach by an entity or person doing business in the state, with exceptions for encrypted data or an incident that has been reasonably determined after an appropriate investigation to not be likely to result in harm to the affected individuals.