Network Magazine has an article on the eight states that have passed privacy laws similar to California's trail-blazing legislation:
Network Magazine's Weblog: States Pass Privacy Laws:
"States Pass Privacy Laws
As of today, eight state legislatures have passed privacy legislation, largely in reaction to the recent, well-publicized privacy breach incidents at ChoicePoint, Axciom, Bank of America, LexisNexis, and others (and more states are debating such laws). This morning I read the eight states' laws to compare and contrast and see what, if any, unusual requirements they might contain (yes, maybe I do need to get a life). Although these state efforts may one day be superseded by a national law proposed by California Senator Dianne Feinstein based on her state's privacy law, the laws are all similar enough that if you understand the state laws, you'll be ready for the new national rules.
California's, Georgia's, Illinois', Washington's and Arkansas' bills are almost identical.
Florida's and North Dakota's bills are tougher than the others. They both have a section that cracks down on those who willfully and fraudulently use or create personal identification information -- Florida's sets minimum prison terms for offenders -- that hopefully won't apply to your company. The rest of these two bills mirror the other state laws, except that Florida's sets fines for violators (see below). North Dakota's act was declared an emergency measure and takes effect today; Florida's bill takes effect July 1.
Montana's bill has extra provisions for credit reporting bureaus and credit card companies, otherwise it is similar to California law. It takes effect March 1, 2006.
Illinois' rule applies to government agencies, whereas Florida specifically exempts them. Otherwise the state laws share the following common requirements...."