Identity theft; notification of breach of information system. (HB995)
Introduced By
Progress
√ |
Introduced |
☐ |
Passed Committee |
☐ |
Passed House |
☐ |
Passed Senate |
☐ |
Signed by Governor |
☐ |
Became Law |
Description
Database breach notification. Requires an individual or a commercial entity that conducts business in Virginia and that owns or licenses computerized data that includes personal information to conduct in good faith a reasonable and prompt investigation when it becomes aware of a breach of the security of the system. If the investigation determines that misuse of information has or is reasonably likely to occur, the individual or commercial entity shall give notice to the Virginia resident as soon as possible. Notification must be made in good faith, in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement and with any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the computerized data system. The bill also contains alternative notification provisions. The Office of the Attorney General may bring an action in law or equity to address violations of this section and other appropriate relief. Amends § 18.2-186.6 (“Breach of personal information notification.”), of the Code of Virginia. View Full Text »
