A data security breach occurs when there is a loss or theft of, or other unauthorized access to, sensitive personally identifiable information that could result in the potential compromise of the confidentiality or integrity of data. This book provides an overview of state security breach notification laws applicable to entities that collect, maintain, own, possess, or license personal information. This book describes information security and security breach notification requirements in the Office of Management and Budget's "Breach Notification Policy," the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and the Gramm-Leach-Bliley Act (GLBA).