Law: Please note this State does not have a general privacy law in effect, you can visit USA State Law Tracker to monitor the progress of US State bills.

Regulator: New Hampshire Attorney General ('AG')

Summary: While New Hampshire does not currently have a comprehensive data protection law, the State has several sector-specific laws related to privacy in addition to a number of newly introduced bills. In particular, the State's Insurance Data Security Law, which entered into effect on 1 January 2020, requires insurance companies licensed in New Hampshire to, among other things, implement data security programs and report cybersecurity incidents. There is also NH Rev Stat §332-I:1 (1996 through Reg Sess), which requires health care providers and business associates to obtain an authorisation from individuals before using or disclosing their protected health information ('PHI') for marketing purposes. Furthermore, operators of websites, online platforms and applications targeting students and their families are obliged to create and maintain reasonable data security procedures to protect certain information about students.