Statutes

[No Title]

TITLE 28

COMMERCIAL TRANSACTIONS

CHAPTER 51

IDENTITY THEFT

28-51-106. Procedures deemed in compliance with security breach requirements. (1) An agency, individual or a commercial entity that maintains its own notice procedures as part of an information security policy for the treatment of personal information, and whose procedures are otherwise consistent with the timing requirements of section 28-51-105, Idaho Code, is deemed to be in compliance with the notice requirements of section 28-51-105, Idaho Code, if the agency, individual or the commercial entity notifies affected Idaho residents in accordance with its policies in the event of a breach of security of the system.

(2) An individual or a commercial entity that is regulated by state or federal law and that maintains procedures for a breach of the security of the system pursuant to the laws, rules, regulations, guidances, or guidelines established by its primary or functional state or federal regulator is deemed to be in compliance with section 28-51-105, Idaho Code, if the individual or the commercial entity complies with the maintained procedures when a breach of the security of the system occurs.

History:

[28-51-106, added 2006, ch. 258, sec. 1, p. 798.]

The Idaho Code is the property of the state of Idaho and is made available on the Internet as a public service. Any person who reproduces or distributes the Idaho Code for commercial purposes is in violation of the provisions of Idaho law and shall be deemed to be an infringer of the state of Idaho's copyright.

Idaho Statutes