Ask Reggi Your Question Now
Can you summarize 51 LARS Chapter 51?
Trade and Commerce > DATABASE SECURITY BREACH NOTIFICATION LAW
Short Summary
The provided legal document content pertains to the Louisiana Revised Statutes governing the Trade and Commerce aspect of the state’s DATABASE SECURITY BREACH NOTIFICATION LAW. The document defines various terms related to the law, including ‘Agency’, ‘Breach of the security of the system’, ‘Person’, and ‘Personal information’. It specifies that personal information includes certain data elements such as social security number, driver’s license number, account number, credit or debit card number, passport number, and biometric data. However, personal information does not include publicly available information from government records. The document does not mention specific penalties for non-compliance or violation. It is applicable to agencies, persons, and various legal entities. The purpose of this law is to ensure the security, confidentiality, and integrity of computerized data containing personal information and to prevent unauthorized acquisition and access to such information. This legal document, known as the Louisiana Revised Statutes, Trade and Commerce, Database Security Breach Notification Law, governs the protection of personal information and the disclosure requirements in the event of a breach in the security of personal information. It applies to any person conducting business in the state or owning or licensing computerized data that includes personal information, as well as any agency owning or licensing such data. The document mandates the implementation and maintenance of reasonable security procedures and practices to protect personal information from unauthorized access, destruction, use, modification, or disclosure. It also requires the destruction of records containing personal information that is no longer needed. In the event of a breach, the document stipulates that affected residents of the state must be notified. The notification must be made in the most expedient time possible, within sixty days of the breach’s discovery, unless delayed by law enforcement or necessary measures to determine the breach’s scope and prevent further disclosures. The notification can be provided through written, electronic, or substitute methods. However, notification is not required if a reasonable investigation determines that there is no likelihood of harm to the residents. Non-compliance with the provisions of this document constitutes an unfair act or practice. A civil action may be instituted to recover actual damages resulting from the failure to disclose in a timely manner to a person that there has been a breach of the security system resulting in the disclosure of a person’s personal information.
Whom does it apply to?
Agencies, persons, and various legal entities conducting business in the state or owning or licensing computerized data that includes personal information
What does it govern?
Louisiana Revised Statutes governing the Trade and Commerce aspect of the state's DATABASE SECURITY BREACH NOTIFICATION LAW
What are exemptions?
No specific exemptions are mentioned
What are the Penalties?
Non-compliance with the provisions of this document constitutes an unfair act or practice. A civil action may be instituted to recover actual damages resulting from the failure to disclose in a timely manner to a person that there has been a breach of the security system resulting in the disclosure of a person's personal information.
Jurisdiction
Louisiana