§ 24-164. Notice procedures deemed in compliance.  


Latest version.
  • A.  An entity that maintains its own notification procedures as part of an information privacy or security policy for the treatment of personal information and that are consistent with the timing requirements of this act shall be deemed to be in compliance with the notification requirements of this act if it notifies residents of this state in accordance with its procedures in the event of a breach of security of the system.

    B.  1.  A financial institution that complies with the notification requirements prescribed by the Federal Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice is deemed to be in compliance with the provisions of this act.

    2.  An entity that complies with the notification requirements or procedures pursuant to the rules, regulation, procedures, or guidelines established by the primary or functional federal regulator of the entity shall be deemed to be in compliance with the provisions of this act.

Added by Laws 2008, c. 86, § 4, eff. Nov. 1, 2008.