2017 Indiana Code
TITLE 24. Trade Regulation
CHAPTER 2. Definitions
24-4.9-2-2. "Breach of the security of data"

Universal Citation: IN Code § 24-4.9-2-2 (2017)
IC 24-4.9-2-2 "Breach of the security of data"

     Sec. 2. (a) "Breach of the security of data" means unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by a person. The term includes the unauthorized acquisition of computerized data that have been transferred to another medium, including paper, microfilm, or a similar medium, even if the transferred data are no longer in a computerized format.

     (b) The term does not include the following:

(1) Good faith acquisition of personal information by an employee or agent of the person for lawful purposes of the person, if the personal information is not used or subject to further unauthorized disclosure.

(2) Unauthorized acquisition of a portable electronic device on which personal information is stored, if all personal information on the device is protected by encryption and the encryption key:

(A) has not been compromised or disclosed; and

(B) is not in the possession of or known to the person who, without authorization, acquired or has access to the portable electronic device.

As added by P.L.125-2006, SEC.6. Amended by P.L.136-2008, SEC.2; P.L.137-2009, SEC.3.


Disclaimer: These codes may not be the most recent version. Indiana may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.