ABSTRACT One component of the newly implemented European Union General Data Protection Regulation (GDPR), a revision of a 1995 directive, is mandatory breach notification. The US has no such federal law. This means companies must satisfy multiple US laws and that makes it more challenging to comply. This study is a comparison of the GDPR with the statutes of the 50 US states, highlights the challenges companies face and reveals the types of decisions companies must make to be in compliance with these statutes.

中文翻译：

---

欧盟 GDPR 与美国违规通知的比较分析

摘要 新实施的欧盟通用数据保护条例 (GDPR) 是 1995 年指令的修订版，其中一个组成部分是强制性违规通知。美国没有这样的联邦法律。这意味着公司必须满足多项美国法律，这使得遵守变得更具挑战性。本研究将 GDPR 与美国 50 个州的法规进行了比较，突出了公司面临的挑战，并揭示了公司为遵守这些法规而必须做出的决策类型。