Nebraska Privacy Laws

Breach Notification

Mandated Timeframe

Without unreasonable delay

Fines & Penalties

Violations

Award of direct economic damages

REGULATION LEVELS

Breach Reporting Consumer Notifications
Vendor Management Vendor Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Breach Notification

Mandated Timeframe

Without unreasonable delay

Fines & Penalties

Violations

Award of direct economic damages

REGULATION LEVELS

Breach
Reporting
Consumer
Notifications
Vendor
Management
Vendor
Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Breach Notification

Mandated Timeframe

Without unreasonable delay

Fines & Penalties

Violations

Award of direct economic damages

REGULATION LEVELS

Breach
Reporting
Consumer
Notifications
Vendor
Management
Vendor
Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Quick Facts

Nebraska Privacy Law Information

  • Privacy Program

    Any individual or commercial entity that conducts business in Nebraska and maintains personal information about Nebraska residents must implement and maintain reasonable security procedures and practices that are appropriate to the nature and sensitivity of the personal information. They must also require by contract that the service provider implement and maintain reasonable security procedures and practices appropriate to the nature of the personal information. Organizations must contract with Vendors to whom the Organization discloses personal information.

  • Breach Reporting

    There are specific considerations when determining if a breach is reportable. Notifications may only be given by specific methods.

  • Consumer Notification

    If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.

  • Vendor/Third Parties

    Vendors must notify Organizations, without delay after the discovery of a breach or suspected breach. The Organization is responsible for submitting any required regulatory reporting and consumer notifications. Vendors must cooperate with Organizations to provide all necessary information regarding a breach incident.

  • Fines & Penalties

    Violations of the data protection requirements are enforced as unfair or deceptive acts or practices. Organizations may be fined or penalized for Vendor violations. The state attorney general may issue subpoenas and seek and recover direct economic damages for each affected Nebraska resident injured by a violation. The Attorney General may bring an action to recover direct economic damages for each affected Nebraska resident injured by a violation of the requirements for breach notification.

Nebraska

Statutes and Laws

NE CODE § 59-1602

Unfair competition; practices; unlawful

NE CODE § 87-803

Breach of security; investigation; notice to resident

NE CODE § 87-806

Attorney general; powers; violation

NE CODE § 87-808

Security procedures and practices; disclosure of computerized data; contract provisions; compliance

NE CODE §§ 87-801 – 87-807

Financial data protection and consumer notification of data