South Dakota Cybersecurity Law

March 31, 2025

South Dakota Cybersecurity Laws

South Dakota’s Senate Bill 62

  • The South Dakota Data Breach Notification Law was enacted in 2018.
  • The law requires entities that conduct business in South Dakota, and that own or license computerized personal information of South Dakota residents, to notify affected individuals of the unauthorized acquisition of their unencrypted personal information.
  • Notice must be made within 60 days of discovering the breach. Consumer reporting agencies and any credit bureaus must be notified without unreasonable delay.
  • If more than 250 South Dakota residents must be notified, breached entities must also notify the Attorney General.
  • Notice is not required if, following appropriate investigation and notification to the Attorney General, the entity reasonably believes the breach will not result in harm to affected individuals.
  • A substitute notice is permitted in specific circumstances and notification may be delayed for law enforcement purposes.
  • Entities in compliance with relevant federal and state regulations, HIPAA or the GLBA are deemed to comply with this law.
  • Entities which maintain their own notification procedures as part of an information security policy consistent with state law are deemed to comply with the notification requirements of this law if the entity makes notifications in accordance with its policies.
  • Financial organizations in compliance with the GLBA are deemed to comply with this law, as are those that are compliant with the Federal Interagency Guidance Response Programs for Unauthorized Access to Consumer Information and Customer Notice.
  • The Attorney General is authorized to impose fines of up to $10,000 per day, per violation.