In the continuing void at the federal level, more and more states are being proactive in adopting legislation that seeks to protect US residents’ personal data, and to impose stricter guidelines on companies that experience a data breach.

Although Washington State did not pass its previously pending bill that would have been more stringent on

The time for businesses to wait until they are breached to respond to data vulnerabilities is coming to an end.  While 50 states have breach notification statutes (reactive legislation), more than 25 states have now adopted some form of proactive legislation requiring companies to take “some” measures to protect the personally identifiable information they collect,