Only two states in the United States lack data breach notification statutes, but that may change in 2018. If legislation pending in South Dakota passes, Alabama would be the only state without a data breach notification law.
South Dakota Senate Bill No. 62 would create a breach notification requirement for any person or business conducting