Data Breach Notification Statutes – Montana
Last Updated: 02/28/2024
- Applicable Statute: Mont. Code Ann. §§ 30-14-1704, 1705
- Attorney General Notice Required: Yes – the Attorney General’s Consumer Protection Office.
- Timing : Must simultaneously submit an electronic copy of the consumer notification to the Attorney General’s Consumer Protection Office and a statement providing the date and method of distribution of the notification. Must exclude any information that personally identifies the residents who received notification.
- Method: Email ocpdatabreach@mt.gov
- Content : The copy of the notice should exclude any information that personally identifies the consumer.
- If the same notice is made to more than one consumer, the business is required to submit a single copy of the notice to the OCP. However, the business should indicate the number of Montana residents who were notified.
- The business should also advise the OCP of the date the notice was made and the notice’s method of distribution (e.g., U.S. Mail, e-mail, telephone, etc.).
- Consumer Notice Requirements:
- Timing: Notice must be made without unreasonable delay.
- Method: Written notice, electronic notice if consistent with the provisions regarding electronic records and signatures in E-SIGN; or telephonic notice. Substitute notice is available under certain circumstances.
- Consumer Reporting Agency Obligations: If notice suggests that an individual may obtain a copy of the individual’s file from a consumer reporting agency, the subject entity must coordinate with the consumer reporting agency as to the timing, content, and distribution of the notice to the individual without unreasonable delay.
Please Note: The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only. Information on this website may not constitute the most up-to-date legal or other information. This website contains links to other third-party websites. Such links are only for the convenience; Klinedinst PC and its attorneys do not recommend or endorse the contents of the third-party sites. Readers of this website should contact an attorney to obtain advice with respect to any particular legal matter. No reader, user, or browser of this site should act or refrain from acting on the basis of information on this site without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client relationship between the reader, user, or browser and website authors, contributors, Klinedinst PC or its attorneys. Content included on this site is subject to change and users should note the date of last update when reviewing such contents. The content is provided "as is;" no representations are made that the content is error-free. Klinedinst PC has offices in several US states but does not practice law where its attorneys are not licensed. While this website refers to the laws of all 50 states, Klinedinst PC does not practice law in a several such states and visitors of this website are put on notice that neither Klinedinst PC, nor its attorneys, are or will provide legal advice for states where its attorneys are not licensed.
Data Breach Notification Statutes