Council Bill: 16-810
District Columbia Code: §28-3851 et seq.
Effective Date: March 8, 2007
Definition of Personal Information: An individual's first name or first initial and last name, or phone number, or address, and any one or more of the following data elements:
(a) Social security number;
(b) Driver's license number or District of Columbia Identification Card number;
(c) Credit card number or debit card number; or
(d) Any other number or code or combination of numbers or codes, such as account number, security code, access code or password, that allows access to or use of an individual's financial or credit account.
Summary: Any person or entity who conducts business in the District of Columbia, and who,
in the course of such business, owns or licenses computerized or other electronic data that includes personal information, and who discovers a breach of the security of the system, shall promptly notify any District of Columbia resident whose personal information was included in the breach. The notification shall be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement and with any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
Visit the State Web site