Identity theft; notification of breach of information system. (HB2140)
Introduced By
Progress
✓ |
Introduced |
☐ |
Passed Committee |
☐ |
Passed House |
☐ |
Passed Senate |
☐ |
Signed by Governor |
☐ |
Became Law |
Description
Database breach notification. Requires an individual or a commercial entity that conducts business in Virginia and that owns or licenses computerized data that includes personal information to conduct in good faith a reasonable and prompt investigation when it becomes aware of a breach of the security of the system. If the investigation determines that misuse of information has or is reasonably likely to occur, the individual or commercial entity shall give notice to the Virginia resident as soon as possible. Notification must be made in good faith, in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement and with any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the computerized data system. The bill also contains alternative notification provisions. The Office of the Attorney General may bring an action in law or equity to address violations of this section and other appropriate relief. The provisions of this bill, as they apply to governmental entities, become effective July 1, 2008. Read the Bill »
Outcome
History
| Date | Action |
|---|---|
| 01/08/2007 | Committee |
| 01/08/2007 | Prefiled and ordered printed; offered 01/10/07 075730248 |
| 01/08/2007 | Referred to Committee for Courts of Justice |
| 01/16/2007 | Assigned Courts sub: Criminal Law |
| 01/17/2007 | Impact statement from DPB (HB2140) |
| 01/26/2007 | Referred to Committee on Commerce and Labor |
Comments
Wonderful. The high-profile data losses that occurred in the past year make blindingly obvious the importance of passing this bill.