Erich Falke writes:
Then there were two.
On March 16, 2017, the New Mexico state legislature passed a bill requiring that New Mexico residents be notified if their “personal identifying information” was affected by a breach of electronic data. Upon signature of the bill, New Mexico will join 47 other states requiring such notification, and the only states remaining without notification laws will be Alabama and South Dakota.
Read more on Baker Hostetler Data Privacy Monitor.