Section 646A.616 – Effect of request for consumer report subject to security freeze.
If a third party requests access to a consumer report on which a security freeze is in effect, the request is in connection with an application for credit or any other use, the consumer does not allow the consumer’s consumer report to be accessed for that period of time, and the third party cannot obtain […]
Section 646A.618 – Prohibition on changes to consumer report subject to security freeze; entities subject to requirement to place security freeze.
(1) If a security freeze is in place, a consumer reporting agency shall not change any of the following official information in a consumer credit report without sending a written confirmation of the change to the consumer within 30 days of the change being posted to the consumer’s report: name, date of birth, Social Security […]
Section 646A.620 – Prohibition on printing, displaying or posting Social Security numbers; exemptions.
(1) Except as otherwise specifically provided by law, a person may not: (a) Print a consumer’s Social Security number on mail to the consumer that is: (A) Material the consumer did not request; or (B) Part of any documentation the consumer requested for a transaction or service, unless the Social Security number is redacted. (b) […]
Section 646A.622 – Requirement to develop safeguards for personal information; conduct deemed to comply with requirement; defenses.
(1) A covered entity and a vendor shall develop, implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of personal information, including safeguards that protect the personal information when the covered entity or vendor disposes of the personal information. (2) A covered entity or vendor complies with subsection (1) of this section […]
Section 646A.624 – Powers of director; penalties.
(1) The Director of the Department of Consumer and Business Services may: (a) Make such public or private investigations within or outside this state as the director deems necessary to determine whether a person has violated any provision of ORS 646A.600 to 646A.628, or to aid in the enforcement of ORS 646A.600 to 646A.628. (b) […]
Section 646A.626 – Rules.
In accordance with ORS chapter 183, the Director of the Department of Consumer and Business Services may adopt rules for the purpose of carrying out the provisions of ORS 646A.600 to 646A.628. [2007 c.759 §14]
Section 646A.628 – Allocation of moneys.
Notwithstanding ORS 705.145 (2), (3) and (5), the Director of the Department of Consumer and Business Services can allocate as deemed appropriate the moneys derived pursuant to ORS 86A.095 to 86A.198, 86A.990, 86A.992, 650.005 to 650.100, 697.005 to 697.095, 697.602 to 697.842, 705.350 and 717.200 to 717.320 and 731.804 and ORS chapters 59, 645, 706 […]
Section 646A.600 – Short title.
ORS 646A.600 to 646A.628 shall be known as the Oregon Consumer Information Protection Act. [2007 c.759 §1; 2019 c.180 §1]
Section 646A.602 – Definitions for ORS 646A.600 to 646A.628.
As used in ORS 646A.600 to 646A.628: (1)(a) “Breach of security” means an unauthorized acquisition of computerized data that materially compromises the security, confidentiality or integrity of personal information that a person maintains or possesses. (b) “Breach of security” does not include an inadvertent acquisition of personal information by a person or the person’s employee […]
Section 646A.604 – Notice of breach of security; delay; methods of notification; contents of notice; application of notice requirement.
(1) If a covered entity is subject to a breach of security or receives notice of a breach of security from a vendor, the covered entity shall give notice of the breach of security to: (a) The consumer to whom the personal information pertains. (b) The Attorney General, either in writing or electronically, if the […]