Download this document in MS Word format
BILL AS INTRODUCED 2007-2008

AutoFill Template

H.261

Introduced by Representative Johnson of Canaan

Referred to Committee on

Date:

Subject:  Commerce and trade; consumer protection; personal information

Statement of purpose:  This bill proposes to amend the security breach law so that it applies to all acquisition of or access to personal information.

AN ACT RELATING TO NOTICE OF SECURITY BREACHES

It is hereby enacted by the General Assembly of the State of Vermont:

Sec. 1.  9 V.S.A. § 2430(8) is amended to read:

(8)(A)  “Security breach” means unauthorized acquisition of or access of  to computerized data that compromises the security, confidentiality, or integrity of personal information maintained by the data collector.

(B)  “Security breach” does not include good faith but unauthorized acquisition of or access of to personal information by an employee or agent of the data collector for a legitimate purpose of the data collector, provided that the personal information is not used for a purpose unrelated to the data collector’s business or subject to further unauthorized disclosure.  “Security breach” does not include acquisition to access of personal information by a person

authorized by the data collector when the personal information is accessible only through use of an access code, password, or other security measure issued by the data collector.



Published by:

The Vermont General Assembly
115 State Street
Montpelier, Vermont


www.leg.state.vt.us