2-6-1501. Definitions
2-6-1501. Definitions. As used in this part, the following definitions apply: (1) ”Breach of the security of a data system” or “breach” means the unauthorized acquisition of computerized data that: (a) materially compromises the security, confidentiality, or integrity of the personal information maintained by a state agency or by a third party on behalf of a state agency; […]
2-6-1502. Protection of personal information — compliance — extensions
2-6-1502. Protection of personal information — compliance — extensions. (1) Each state agency that maintains the personal information of an individual shall develop procedures to protect the personal information while enabling the state agency to use the personal information as necessary for the performance of its duties under federal or state law. (2) The procedures must include […]
2-6-1503. Notification of breach of security of data system
2-6-1503. Notification of breach of security of data system. (1) (a) Upon discovery or notification of a breach of the security of a data system, a state agency that maintains computerized data containing personal information in the data system shall make reasonable efforts to notify any person whose unencrypted personal information was or is reasonably believed to […]