SEARCH SITE

VIRGINIA LAW PORTAL

SEARCHABLE DATABASES

ACROSS SESSIONS

Developed and maintained by the Division of Legislative Automated Systems.

2008 SESSION

  • | print version

HB 1052 Identity theft; notice of database breach.

Introduced by: Kenneth R. Plum | all patrons    ...    notes | add to my profiles

SUMMARY AS INTRODUCED:

Database breach notification. Requires that an individual or a commercial entity that conducts business in Virginia and that owns or licenses data that includes personal information about a resident of Virginia shall, when it becomes aware of a breach of the security of the system, (i) conduct in good faith a reasonable and prompt investigation to determine the likelihood that personal information has been or will be misused and (ii) notify the Office of the Attorney General that a breach has occurred. A breach of the security of the system is defined as the unauthorized acquisition and access of unencrypted or unredacted data that compromises the security, confidentiality, or integrity of personal information maintained by an individual or a commercial entity. Types of notification meeting the requirements of this bill are listed, but not required if, after a reasonable investigation, the person or commercial entity determines that there is no reasonable likelihood of harm to affected Virginia residents. The Attorney General may bring an action in law to address violations and ensure proper compliance with this section. Nothing in this section shall limit an individual from recovering direct economic damages resulting from a violation of this section. This bill has been incorporated into HB 1469.


FULL TEXT

HISTORY