Close
logo

Missouri Privacy Laws

Breach Notification

Mandated Timeframe

Without unreasonable delay

Fines & Penalties

Violations

Up to $150,000 per breach

REGULATION LEVELS

Breach Reporting Consumer Notifications
Vendor Management Vendor Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Breach Notification

Mandated Timeframe

Without unreasonable delay

Fines & Penalties

Violations

Up to $150,000 per breach

REGULATION LEVELS

Breach
Reporting		 Consumer
Notifications
Vendor
Management		 Vendor
Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Breach Notification

Mandated Timeframe

Without unreasonable delay

Fines & Penalties

Violations

Up to $150,000 per breach

REGULATION LEVELS

Breach
Reporting		 Consumer
Notifications
Vendor
Management		 Vendor
Contract Required
LEVEL DESCRIPTION
Minimal Basic Comprehensive Extensive
LAWS RELATED TO PERSONAL INFORMATION
Regulated Breach Reporting

Breach Reporting Requirements

Consumer Notification Requirements

Vendor Notification of Breach

Vendor Requirements

Vendor Specific Obligations

Vendor Mandated Contracts

Privacy Program Requirements

Protection/Security

Employee Training

Vendor Protection/Security Program

Personal Information Protection

Data Disposal of Personal Information

Quick Facts

Missouri Privacy Law Information

  • Breach Reporting

    At the same time as consumer notification, breach reporting must be made to the Attorney General’s Consumer Protection Office. Notifying the Commissioner of Insurance is required in some cases involving insurance-related breaches. There are specific considerations when determining if a breach is reportable. If more than 1,000 residents are required to receive breach notifications. The incident must also be reported to the Attorney General and all consumer reporting agencies with specific information. Vendors must notify Organizations upon discovery of a breach or suspected breach. the Organization is responsible for submitting any required regulatory reporting and consumer notifications.

  • Consumer Notification

    If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.

  • Fines & Penalties

    Organizations may be fined or penalized for Vendor violations. The Attorney General may bring actions against violators with civil penalties up to $150,000 per incident, or a series of incidents discovered within the same investigation of a breach.

Missouri

Statutes and Laws

MO REV STAT § 161.096

Statewide longitudinal data system, regulation on student data accessibility, transparency, and accountability required – regulation requirements – data not to be reported – rulemaking authority – violation, penalty – attorney general to enforce

MO REV STAT § 407.1355

Social security number, prohibited actions involving

MO REV STAT § 407.1500

Definitions; Notice to consumer for breach of security; procedure-attorney general may bring action for damages

MO REV STAT § 569.095

Tampering with computer data; penalties

MO REV STAT §§ 407.430 – 407-436

Citation of law