Support Centre

South Carolina


Law: Please note this State does not have a general privacy law in effect, you can visit USA State Law Tracker to monitor the progress of US State bills.

Regulator: The South Carolina Consumer Protection Division of the Department of Consumer Affairs ('SCDCA')

Summary: South Carolina at present does not have a general privacy act. However, the State recognises all four torts of invasion of privacy (Gignilliat v. Gignilliat, Savitz & Bettis L.P., 684 S.E.2d 756 (S.C. 2009)). Furthermore, South Carolina has its own data breach requirements under §39-1-90 of Chapter 1 of Title 39 of the South Carolina Code of Laws which is enforced by the SCDCA. In particular, a breach needs to be notified to the SCDCA only when business provides notice to more than 1,000 persons at one time. Other privacy-related legislation includes the South Carolina Insurance Data Security Act, which requires insurers, agents, and other licensed entities doing business in South Carolina to establish a comprehensive written information security program as well as conduct risk assessments, provide training to staff, and exercise due diligence in selecting third-party service providers.