Section 8-38-3 – Reasonable Security Measures; Assessment.
Section 8-38-3 Reasonable security measures; assessment. (a) Each covered entity and third-party agent shall implement and maintain reasonable security measures to protect sensitive personally identifying information against a breach of security. (b) Reasonable security measures means security measures practicable for the covered entity subject to subsection (c), to implement and maintain, including consideration of all […]
Section 8-38-4 – Investigation of Security Breach.
Section 8-38-4 Investigation of security breach. (a) If a covered entity determines that a breach of security has or may have occurred in relation to sensitive personally identifying information that is accessed, acquired, maintained, stored, utilized, or communicated by, or on behalf of, the covered entity, the covered entity shall conduct a good faith and […]
Section 8-38-5 – Notice of Security Breach – Individuals Affected.
Section 8-38-5 Notice of security breach – Individuals affected. (a) A covered entity that is not a third-party agent that determines under Section 8-38-4 that, as a result of a breach of security, sensitive personally identifying information has been acquired or is reasonably believed to have been acquired by an unauthorized person, and is reasonably […]
Section 8-38-6 – Notice of Security Breach – Attorney General.
Section 8-38-6 Notice of security breach – Attorney General. (a) If the number of individuals a covered entity is required to notify under Section 8-38-5 exceeds 1,000, the entity shall provide written notice of the breach to the Attorney General as expeditiously as possible and without unreasonable delay. Except as provided in subsection (c) of […]
Section 8-38-7 – Notice of Security Breach – Consumer Reporting Agencies.
Section 8-38-7 Notice of security breach – Consumer reporting agencies. If a covered entity discovers circumstances requiring notice under Section 8-38-5 of more than 1,000 individuals at a single time, the entity shall also notify, without unreasonable delay, all consumer reporting agencies that compile and maintain files on consumers on a nationwide basis, as defined […]
Section 8-38-8 – Notice of Security Breach – Covered Entity.
Section 8-38-8 Notice of security breach – Covered entity. In the event a third-party agent has experienced a breach of security in the system maintained by the agent, the agent shall notify the covered entity of the breach of security as expeditiously as possible and without unreasonable delay, but no later than 10 days following […]
Section 8-38-9 – Violations of Notification Requirements.
Section 8-38-9 Violations of notification requirements. (a) A violation of the notification provisions of this chapter is an unlawful trade practice under the Alabama Deceptive Trade Practices Act, Chapter 19 of this title, but does not constitute a criminal offense under Section 8-19-12. The Attorney General shall have the exclusive authority to bring an action […]
Section 8-32-10 – Enforcement Provisions.
Section 8-32-10 Enforcement provisions. (a) The commissioner may conduct investigations or examinations of providers, administrators, insurers, or other persons to enforce this chapter and protect service contract holders in this state. Upon request of the commissioner, the provider shall make all accounts, books, and records concerning service contracts sold in this state by the provider […]
Section 8-33-14 – Disposition of Funds; Examination Expenses.
Section 8-33-14 Disposition of funds; examination expenses. (a) All fees collected pursuant to this chapter shall be paid into the Insurance Department Fund for the enforcement of this chapter. (b) Each person being examined by the commissioner in the enforcement of this chapter shall be liable for and pay the expenses of the examination as […]
Section 8-37-4 – (Effective January 1, 2018) Reimbursements; Coverage; Effect of Cancellation or Termination.
Section 8-37-4 (Effective January 1, 2018) Reimbursements; coverage; effect of cancellation or termination. (a) A contractual liability or other insurance policy insuring a GAP waiver shall state the obligation of the insurer to reimburse or pay to the creditor any sums the creditor is legally obligated to waive under the GAP waiver issued by the […]