New laws in many states require protection of personally identifiable customer data, not just notification after a security breach. Due to the proliferation of personally identifiable data like credit card numbers, businesses from self-employed service providers to large enterprise companies need to take measures to be in compliance.

Federal privacy regulations such as HIPAA covering health information and the Gramm-Leach-Bliley Act covering financial data are in the news due to data breaches. Federal privacy laws also cover the safeguard of customer data in areas such as the cable and telecommunications industry, the US census, the department of motor vehicles, and even DVD rentals.