HB 2721 Personal Info. Privacy Act; notification when database breach contain. pers. info. has occurred.
James M. Scott | all patrons    ...    notes
| add to my profiles

Summary as introduced:
Government Data Collection and Dissemination Practices Act; Personal Information Privacy Act; notice of database breaches. Requires agencies and businesses that maintain computerized data that includes personal information to notify the subject of that information when a breach of the database containing that information is discovered. No notice is required if an investigation determines that there is no reasonable belief that the information has been or will be used in an unlawful manner. The bill provides for various means of notifying the owner or licensee of that information and requires the agency or business to coordinate notification with consumer reporting agencies if they indicated that the affected individual can obtain a credit report. Damages for an agency violating this requirement are provided in the Government Data Collection and Dissemination Practices Act ( 2.2-3800 et seq.). Damages for a business violating this requirement are provided in the Personal Information Privacy Act or PIPA ( 59.1-442 et seq.). The bill expands the damages available for violations of PIPA to include actual damages, if greater than $100 per violation, and injunctive relief.

Full text:
01/12/05  House: Prefiled & ordered printed; offered 01/12/05 050067500  pdf | impact statement

Status:
01/12/05  House: Prefiled & ordered printed; offered 01/12/05 050067500
01/12/05  House: Referred to Committee on Science and Technology
01/24/05  House: Passed by in S.T. with letter (20-Y 0-N)