The following states currently have some form of a data breach law in effect:

The Sarbanes-Oxley Act, also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly called SOX or SarbOx; July 30, 2002) is a United States federal law.

The Financial Modernization Act of 1999, also known as the "Gramm-Leach-Bliley Act" or GLB Act, includes provisions to protect consumers’ personal financial information held by financial institutions.

PCI is a standard originally developed by Visa and was extended to Mastercard and American Express. It has become a worldwide information security standard assembled by the Payment Card Industry Security Standards Council (PCI SSC).