2006 Georgia Code - 10-1-91110-1-911. As used in this article, the term: (1) 'Breach of the security of the system' means unauthorized acquisition of an individuaĺs computerized data that compromises the security, confidentiality, or integrity of personal information of such individual maintained by an information broker. Good faith acquisition of personal information by an employee or agent of an information broker for the purposes of such information broker is not a breach of the security of the system, provided that the personal information is not used or subject to further unauthorized disclosure. (2) 'Information broker' means any person or entity who, for monetary fees or dues, engages in whole or in part in the business of collecting, assembling, evaluating, compiling, reporting, transmitting, transferring, or communicating information concerning individuals for the primary purpose of furnishing personal information to nonaffiliated third parties, but does not include any governmental agency whose records are maintained primarily for traffic safety, law enforcement, or licensing purposes. (3) 'Notice' means: (A) Written notice; (B) Electronic notice, if the notice provided is consistent with the provisions regarding electronic records and signatures set forth in Section 7001 of Title 15 of the United States Code; or (C) Substitute notice, if the information broker demonstrates that the cost of providing notice would exceed $250,000.00, that the affected class of individuals to be notified exceeds 500,000, or that the information broker does not have sufficient contact information to provide written or electronic notice to such individuals. Substitute notice shall consist of all of the following: (i) E-mail notice, if the information broker has an e-mail address for the individuals to be notified; (ii) Conspicuous posting of the notice on the information brokeŕs website page, if the information broker maintains one; and (iii) Notification to major state-wide media. Notwithstanding any provision of this paragraph to the contrary, an information broker that maintains its own notification procedures as part of an information security policy for the treatment of personal information and is otherwise consistent with the timing requirements of this article shall be deemed to be in compliance with the notification requirements of this article if it notifies the individuals who are the subjects of the notice in accordance with its policies in the event of a breach of the security of the system. (4) 'Person' means any individual, partnership, corporation, limited liability company, trust, estate, cooperative, association, or other entity. The term 'person' as used in this article shall not be construed to require duplicative reporting by any individual, corporation, trust, estate, cooperative, association, or other entity involved in the same transaction. (5) 'Personal information' means an individuaĺs first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted or redacted: (A) Social security number; (B) Driveŕs license number or state identification card number; (C) Account number, credit card number, or debit card number, if circumstances exist wherein such a number could be used without additional identifying information, access codes, or passwords; (D) Account passwords or personal identification numbers or other access codes; or (E) Any of the items contained in subparagraphs (A) through (D) of this paragraph when not in connection with the individuaĺs first name or first initial and last name, if the information compromised would be sufficient to perform or attempt to perform identity theft against the person whose information was compromised. The term 'personal information' does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.
Disclaimer: These codes may not be the most recent version. Georgia may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.