Ask Reggi Your Question Now
Can you summarize 10 GACO Chapter 1, Article 34?
Selling and Other Trade Practices > Identity Theft
Short Summary
The Georgia Personal Identity Protection Act governs the notification requirements in case of a breach of security involving personal information. It applies to information brokers, data collectors, and persons or businesses maintaining computerized data on behalf of information brokers or data collectors. The Act mandates prompt notification to any resident of Georgia whose unencrypted personal information was acquired by an unauthorized person. Notification should be made without unreasonable delay, considering the needs of law enforcement or measures necessary to determine the scope of the breach and restore the integrity, security, and confidentiality of the data system. If the breach involves more than 10,000 residents, consumer reporting agencies must also be notified. However, notification may be delayed if it compromises a criminal investigation. The Act does not specify any penalties for non-compliance or violation. It does not apply to governmental agencies primarily maintaining records for traffic safety, law enforcement, licensing purposes, or providing public access to court or property information.
Whom does it apply to?
Information brokers, data collectors, persons or businesses maintaining computerized data on behalf of information brokers or data collectors
What does it govern?
Notification requirements upon a breach of security regarding personal information
What are exemptions?
Governmental agencies primarily maintaining records for traffic safety, law enforcement, licensing purposes, or providing public access to court or property information
What are the Penalties?
No specific penalties mentioned
Jurisdiction
Georgia