|
8-38-8
Section 8-38-8 Notice of security breach - Covered entity. In the event a third-party agent
has experienced a breach of security in the system maintained by the agent, the agent shall
notify the covered entity of the breach of security as expeditiously as possible and without
unreasonable delay, but no later than 10 days following the determination of the breach of
security or reason to believe the breach occurred. After receiving notice from a third-party
agent, a covered entity shall provide notices required under Sections 8-38-5 and 8-38-6. A
third-party agent, in cooperation with a covered entity, shall provide information in the
possession of the third-party agent so that the covered entity can comply with its notice
requirements. A covered entity may enter into a contractual agreement with a third-party agent
whereby the third-party agent agrees to handle notifications required under this chapter.
(Act 2018-396, §8.)...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/8-38-8.htm - 1K - Match Info - Similar pages
8-38-5
Section 8-38-5 Notice of security breach - Individuals affected. (a) A covered entity that
is not a third-party agent that determines under Section 8-38-4 that, as a result of a breach
of security, sensitive personally identifying information has been acquired or is reasonably
believed to have been acquired by an unauthorized person, and is reasonably likely to cause
substantial harm to the individuals to whom the information relates, shall give notice of
the breach to each individual. (b) Notice to individuals under subsection (a) shall be made
as expeditiously as possible and without unreasonable delay, taking into account the time
necessary to allow the covered entity to conduct an investigation in accordance with Section
8-38-4. Except as provided in subsection (c), the covered entity shall provide notice within
45 days of the covered entity's receipt of notice from a third-party agent that a breach has
occurred or upon the covered entity's determination that a breach has occurred...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/8-38-5.htm - 4K - Match Info - Similar pages
8-38-6
Section 8-38-6 Notice of security breach - Attorney General. (a) If the number of individuals
a covered entity is required to notify under Section 8-38-5 exceeds 1,000, the entity shall
provide written notice of the breach to the Attorney General as expeditiously as possible
and without unreasonable delay. Except as provided in subsection (c) of Section 8-38-5, the
covered entity shall provide the notice within 45 days of the covered entity's receipt of
notice from a third-party agent that a breach has occurred or upon the entity's determination
that a breach has occurred and is reasonably likely to cause substantial harm to the individuals
to whom the information relates. (b) Written notice to the Attorney General shall include
all of the following: (1) A synopsis of the events surrounding the breach at the time that
notice is provided. (2) The approximate number of individuals in the state who were affected
by the breach. (3) Any services related to the breach being offered or...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/8-38-6.htm - 1K - Match Info - Similar pages
8-38-9
Section 8-38-9 Violations of notification requirements. (a) A violation of the notification
provisions of this chapter is an unlawful trade practice under the Alabama Deceptive Trade
Practices Act, Chapter 19 of this title, but does not constitute a criminal offense under
Section 8-19-12. The Attorney General shall have the exclusive authority to bring an action
for civil penalties under this chapter. (1) A violation of this chapter does not establish
a private cause of action under Section 8-19-10. Nothing in this chapter may otherwise be
construed to affect any right a person may have at common law, by statute, or otherwise. (2)
Any covered entity or third-party agent who is knowingly engaging in or has knowingly engaged
in a violation of the notification provisions of this chapter is subject to the penalty provisions
set out in Section 8-19-11. For the purposes of this chapter, knowingly shall mean willfully
or with reckless disregard in failing to comply with the notice...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/8-38-9.htm - 4K - Match Info - Similar pages
7-1-201
Section 7-1-201 General definitions. (a) [Reserved]. (b) Subject to additional definitions
contained in the subsequent articles of this title which are applicable to specific articles
or parts thereof, and unless the context otherwise requires, in this title: (1) "Action,"
in the sense of a judicial proceeding, includes recoupment, counterclaim, set-off, suit in
equity, and any other proceeding in which rights are determined. (2) "Aggrieved party"
means a party entitled to pursue a remedy. (3) "Agreement," as distinguished from
"contract," means the bargain of the parties in fact, as found in their language
or inferred from other circumstances, including course of performance, course of dealing,
or usage of trade as provided in Section 7-1-303. (4) "Bank" means a person engaged
in the business of banking and includes a savings bank, savings and loan association, credit
union, and trust company. (5) "Bearer" means a person in possession of a negotiable
instrument, document of title, or...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/7-1-201.htm - 11K - Match Info - Similar pages
8-38-3
Section 8-38-3 Reasonable security measures; assessment. (a) Each covered entity and third-party
agent shall implement and maintain reasonable security measures to protect sensitive personally
identifying information against a breach of security. (b) Reasonable security measures means
security measures practicable for the covered entity subject to subsection (c), to implement
and maintain, including consideration of all of the following: (1) Designation of an employee
or employees to coordinate the covered entity's security measures to protect against a breach
of security. An owner or manager may designate himself or herself. (2) Identification of internal
and external risks of a breach of security. (3) Adoption of appropriate information safeguards
to address identified risks of a breach of security and assess the effectiveness of such safeguards.
(4) Retention of service providers, if any, that are contractually required to maintain appropriate
safeguards for sensitive personally...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/8-38-3.htm - 2K - Match Info - Similar pages
8-38-2
Section 8-38-2 Definitions. For the purposes of this chapter, the following terms have the
following meanings: (1) BREACH OF SECURITY or BREACH. The unauthorized acquisition of data
in electronic form containing sensitive personally identifying information. Acquisition occurring
over a period of time committed by the same entity constitutes one breach. The term does not
include any of the following: a. Good faith acquisition of sensitive personally identifying
information by an employee or agent of a covered entity, unless the information is used for
a purpose unrelated to the business or subject to further unauthorized use. b. The release
of a public record not otherwise subject to confidentiality or nondisclosure requirements.
c. Any lawful investigative, protective, or intelligence activity of a law enforcement or
intelligence agency of the state, or a political subdivision of the state. (2) COVERED ENTITY.
A person, sole proprietorship, partnership, government entity, corporation,...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/8-38-2.htm - 4K - Match Info - Similar pages
40-29-22
Section 40-29-22 Lien for taxes - Validity and priority against certain persons. (a) Purchasers,
holders of security interests, mechanic's lienors, and judgment lien creditors. The lien imposed
by Section 40-29-20 shall not be valid as against any purchaser, holder of a security interest,
mechanic's lienor, or judgment lien creditor until notice thereof which meets the requirements
of subsection (f) has been filed by the Commissioner of Revenue or his delegate, and shall
not be perfected as against any purchaser, holder of a security interest, mechanic's lienor,
or judgment lien creditor until the date such notice is filed. (b) Protection for certain
interest even though notice filed. Even though notice of a lien imposed by Section 40-29-20
has been filed, such lien shall not be valid: (1) SECURITIES. With respect to a security (as
defined in subsection (g)(4)): a. As against a purchaser of such security who at the time
of purchase did not have actual notice or knowledge of the...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/40-29-22.htm - 17K - Match Info - Similar pages
27-60-2
Section 27-60-2 Interstate Insurance Product Regulation Compact. The State of Alabama hereby
agrees to the following interstate compact known as the Interstate Insurance Product Regulation
Compact: ARTICLE I. PURPOSES. The purposes of this compact are, through means of joint and
cooperative action among the compacting states: 1. To promote and protect the interest of
consumers of individual and group annuity, life insurance, disability income, and long-term
care insurance products; 2. To develop uniform standards for insurance products covered under
the compact; 3. To establish a central clearinghouse to receive and provide prompt review
of insurance products covered under the compact and, in certain cases, advertisements related
thereto, submitted by insurers authorized to do business in one or more compacting states;
4. To give appropriate regulatory approval to those product filings and advertisements satisfying
the applicable uniform standard; 5. To improve coordination of...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/27-60-2.htm - 45K - Match Info - Similar pages
8-38-7
Section 8-38-7 Notice of security breach - Consumer reporting agencies. If a covered entity
discovers circumstances requiring notice under Section 8-38-5 of more than 1,000 individuals
at a single time, the entity shall also notify, without unreasonable delay, all consumer reporting
agencies that compile and maintain files on consumers on a nationwide basis, as defined in
the Fair Credit Reporting Act, 15 U.S.C. §1681a, of the timing, distribution, and content
of the notices. (Act 2018-396, §7.)...
alisondb.legislature.state.al.us/alison/CodeOfAlabama/1975/8-38-7.htm - 810 bytes - Match Info - Similar pages
|