ARIZONA HOUSE OF REPRESENTATIVES

Fifty-fifth Legislature

Second Regular Session

House: COM DP 9-1-0-0

HB 2146: data security breach; notification

Sponsor: Representative Bolick, LD 20

Caucus & COW

Overview

Includes the Director of the Arizona Department of Homeland Security (AZDOHS) in the list of individuals that receive security system breach notifications.

History

An individual who does business in Arizona that owns, maintains or licenses unencrypted and unredacted computerized personal information and suspects a security breach is required to investigate this matter. If a breach is determined to have occurred, the person who owns or licenses the data must provide support to law enforcement. If the breach affects more than 1,000 individuals, then the Arizona Attorney General and the three largest consumer reporting agencies must be notified (A.R.S. § 18-552).

For all data breaches, within 45 days, all individuals who had their data compromised must be notified. The notice must be given to all individuals in writing, by phone or by email. But substitute notice may be provided by the owner of the data if the person demonstrates that the:

1)   cost of providing notice would exceed $50,000;  

2)   number of individuals to be notified exceeds 100,000; or

3)   data owner breached does not have the necessary contact information (A.R.S. § 18-552).

For substitute notice, the data owner is required to send a letter to the attorney general that demonstrates the necessity of substitute notice and to post notice of the breach conspicuously on his website for 45 days if he maintains a website (A.R.S. § 18-552).

Provisions

1.   ☐ Prop 105 (45 votes) ☐ Prop 108 (40 votes) ☐ Emergency (40 votes) ☐ Fiscal NoteRevises reporting requirements for computer security breaches of companies that own, maintain or license unencrypted or unredacted computerized personal information to include notifying the Director of AZDOHS. (Sec. 1)

2.   Adds that, as with the notification to the attorney general, the notification to the Director of AZDOHS is also confidential. (Sec. 1)

3.   Makes technical changes. (Sec. 1)

 

 

 

 

 

 

---------- DOCUMENT FOOTER ---------

                        HB 2146

Initials PRB/NM          Page 0 Caucus & COW

 

---------- DOCUMENT FOOTER ---------