Personal identifying information; safe destruction of records. (HB884)

Introduced By

Del. Suhas Subramanyam (D-Sterling)


Passed Committee
Passed House
Passed Senate
Signed by Governor
Became Law


Safe destruction of records containing personal identifying information. Requires a commercial entity that is in possession of, or has within its custody or control, records that (i) contain consumers' unencrypted, unredacted personal identifying information and (ii) are no longer needed by the commercial entity to take reasonable steps to destroy, or arrange for the destruction of, the records by shredding, erasing, or otherwise destroying or modifying the personal identifying information in the records to make it unreadable or indecipherable. The measure does not apply to certain financial institutions, health insurance or health care facilities, consumer reporting agencies, or governmental entities. The measure authorizes a consumer who incurs actual damages due to a reckless or intentional violation of these requirements by a commercial entity to bring a civil action. Read the Bill »


Bill Has Failed


01/07/2020Prefiled and ordered printed; offered 01/08/20 20104896D
01/07/2020Referred to Committee on Communications, Technology and Innovation
01/27/2020Continued to 2021 in Communications, Technology and Innovation