Delaware
| Computer Security Breaches | |
|---|---|
| CITATION | Delaware Code Title 6: § 12B-101 et seq. |
| ENACTED | 2005 |
| SUMMARY | An individual or a commercial entity that conducts business in Delaware and that owns or licenses computerized data that includes personal information about a resident of Delaware shall, when it becomes aware of a breach of the security of the system, conduct in good faith a reasonable and prompt investigation to determine the likelihood that personal information has been or will be misused. If the investigation determines that the misuse of information about a Delaware resident has occurred or is reasonably likely to occur, the individual or the commercial entity shall give notice as soon as possible to the affected Delaware resident. Notice must be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement and consistent with any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the computerized data system. |
| DATA COVERED |
Definition of Personal Information: A Delaware resident's first name or first initial and last name in combination with any 1 or more of the following data elements that relate to the resident, when either the name or the data elements are not encrypted:
|
| INDUSTRY | Applies to an individual or commercial entity that conducts business in Delaware and that owns or licenses computerized data that includes personal information about a resident of Delaware. |
| PENALTIES | The Attorney General may bring an action in law or equity to address the violations and for other relief that may be appropriate including monetary damages. |
