Ask Reggi Your Question Now
Can you summarize UTCO Title 13, Chapter 44, Part 1?
Protection of Personal Information Act > General Provisions
Short Summary
The Protection of Personal Information Act governs the security and confidentiality of personal information. It defines ‘breach of system security’ as the unauthorized acquisition of computerized data compromising the security, confidentiality, or integrity of personal information. However, it excludes the acquisition of personal information by an employee or agent of the person possessing unencrypted computerized data, unless used for an unlawful purpose or disclosed in an unauthorized manner. The Act defines ‘consumer’ as a natural person and ‘financial institution’ as per the definition in 15 U.S.C. Sec. 6809. ‘Personal information’ includes a person’s first name or initial and last name, combined with certain data elements such as Social Security number, financial account number, credit or debit card number, and driver license number or state identification card number. However, it excludes information contained in government records or widely distributed media available to the general public. The Act clarifies that ‘record’ includes materials maintained in any form, including paper and electronic. The penalties for non-compliance or violation of the provisions are not specified in this document. This Act does not apply to a financial institution or an affiliate, as defined in 15 U.S.C. Sec. 6809, of a financial institution.
Whom does it apply to?
Individuals and entities possessing personal information
What does it govern?
Security and confidentiality of personal information
What are exemptions?
Acquisition of personal information by an employee or agent of the person possessing unencrypted computerized data, unless used for an unlawful purpose or disclosed in an unauthorized manner; information contained in government records or widely distributed media available to the general public
What are the Penalties?
Not specified
Jurisdiction
Utah