All States have security and privacy laws; 23 of them promulgated comprehensive laws regarding criminal records information, indicating a trend toward a more systematic approach. On the average, each State has addressed 14 categories of these laws (i.e., dissemination regulation, records inspection rights, research access, etc.). States prefer broad legislation establishing a policy framework, leaving fine-grained policy and procedure to regulations. Federal regulations (focusing on individual access, dissemination, completeness and accuracy, security, and audits) appear to have played a major role in stimulating passage of the State laws. Most of the laws were passed in 1976 and 1977 and were designed to limit access. Their remedies and penalties for compliance failure include civil or criminal sanctions, or both. Most States restrict the release of nonconviction information, and some restricted dissemination of conviction data. Most States allow the record's subject to inspect the information, provide for regulatory oversight of criminal history records management policy, and have central State repositories for the information. Records accuracy and completeness requirements have expanded during the 8 years surveyed; 49 States now have such provisions. A total of 32 States have security provisions, 35 allow purging of nonconviction information, and 20 provide for sealing of such information. Information disclosure policy is not uniform among the States. The report defines categories into which State laws have been classified; presents matrixes summarizing State statutes and regulations through July 1981; depicts changes in State statutes for the years 1974, 1977, 1979, and 1981; and presents the full text of State statutes and regulations, with complete citations to State codes. The 53 States surveyed include the District of Columbia, Puerto Rico, and the Virgin Islands. An appendix reviews the security and privacy legislation enacted in six States since 1978.