House Bill: 116
Delaware Code Title 6: §12B-101 et seq.
Effective Date: June 28, 2005
Definition of Personal Information: A Delaware resident's first name or first initial and last name in combination with any 1 or more of the following data elements that relate to the resident, when either the name or the data elements are not encrypted:
(a) Social security number;
(b) Driver's license number or Delaware Identification Card number;
(c) Account number, or credit or debit card number, in combination with any required security code, access code, or password that would permit access to a resident's financial account; or
(d) Individually identifiable information regarding medical history.
Summary: An individual or a commercial entity that conducts business in Delaware and that owns or licenses computerized data that includes personal information about a resident of Delaware shall, when it becomes aware of a breach of the security of the system, conduct in good faith a reasonable and prompt investigation to determine the likelihood that personal information has been or will be misused. If the investigation determines that the misuse of information about a Delaware resident has occurred or is reasonably likely to occur, the individual or the commercial entity shall give notice as soon as possible to the affected Delaware resident. Notice must be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement and consistent with any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the computerized data system.
Visit the State Web site