Ask Reggi Your Question Now
Can you summarize NVRS 603A.220?
Security and Privacy of Personal Information > Disclosure of breach of security of system data; methods of disclosure.
Short Summary
This legal document governs the disclosure of breach of security of system data and outlines the methods of disclosure. It applies to data collectors who own or license computerized data containing personal information, as well as data collectors who maintain computerized data containing personal information that they do not own. The document requires data collectors to disclose any breach of security to residents of Nevada whose unencrypted personal information was acquired by an unauthorized person. The disclosure must be made in a timely manner, without unreasonable delay, and consistent with the needs of law enforcement or measures necessary to determine the scope of the breach and restore the integrity of the system data. The document also allows for delayed notification if it would impede a criminal investigation. The methods of notification include written notification, electronic notification, or substitute notification under certain conditions. There are exemptions for data collectors with their own notification policies consistent with the timing requirements or those subject to and complying with the privacy and security provisions of the Gramm-Leach-Bliley Act. The document does not specify any penalties for non-compliance or violation of its provisions.
Whom does it apply to?
Data collectors that own or license computerized data which includes personal information, data collectors that maintain computerized data which includes personal information that they do not own
What does it govern?
Disclosure of breach of security of system data; methods of disclosure
What are exemptions?
Notification may be delayed if a law enforcement agency determines that it will impede a criminal investigation
What are the Penalties?
No specific penalties mentioned
Jurisdiction
Nevada