28-51-103. PAYMENT CARD RECEIPTS. (1) As used in this section, the term: (a) "Cardholder" means a person or organization named on the face of a payment card to whom or for whose benefit the payment card is issued. (b) "Merchant" means a person or organization who receives from a cardholder a payment card, or information […]
28-51-104. DEFINITIONS. For purposes of sections 28-51-104 through 28-51-107, Idaho Code: (1) "Agency" means any "public agency" as defined in section 74-101, Idaho Code. (2) "Breach of the security of the system" means the illegal acquisition of unencrypted computerized data that materially compromises the security, confidentiality, or integrity of personal information for one (1) or […]
28-51-105. DISCLOSURE OF BREACH OF SECURITY OF COMPUTERIZED PERSONAL INFORMATION BY AN AGENCY, INDIVIDUAL OR A COMMERCIAL ENTITY. (1) A city, county or state agency, individual or a commercial entity that conducts business in Idaho and that owns or licenses computerized data that includes personal information about a resident of Idaho shall, when it becomes […]
28-51-106. PROCEDURES DEEMED IN COMPLIANCE WITH SECURITY BREACH REQUIREMENTS. (1) An agency, individual or a commercial entity that maintains its own notice procedures as part of an information security policy for the treatment of personal information, and whose procedures are otherwise consistent with the timing requirements of section 28-51-105, Idaho Code, is deemed to be […]
28-51-107. VIOLATIONS. In any case in which an agency’s, commercial entity’s or individual’s primary regulator has reason to believe that an agency, individual or commercial entity subject to that primary regulator’s jurisdiction under section 28-51-104(6), Idaho Code, has violated section 28-51-105, Idaho Code, by failing to give notice in accordance with that section, the primary […]
