State Compliance Overlay

The 50-State Healthcare Compliance Atlas.

HIPAA is the federal floor. Every state adds something on top — a shorter breach window, a named statute, an Attorney General notification step, a private right of action. This atlas catalogues that overlay for all 50 states: the breach clock, the named laws (CMIA, BIPA, MHMDA, SHIELD, HB 300, 201 CMR 17.00), and links into the relevant compliance guides. Research aid, not legal advice.

States50
Shortest window15d
Named statutes120

The interactive map renders on larger screens. Use the alphabetical index below.

By state, A-Z

All 50 states.

The named statutes and the shortest breach-notification clock that applies to PHI in that state. Click through for the full overlay page, regulator links, and the related compliance guides.

A

C

D

F

G

H

I

K

L

M

N

O

P

R

S

T

U

V

W

For multi-state practices

Stop juggling 50 state checklists.

The free Security Risk Analysis is where the federal HIPAA program plus the state overlays each of your locations triggers gets assembled into a review-ready binder — training-logged and ready for payer, BAA, or internal review. Administrative documentation aid, not legal advice.