House File: 2121
Minnesota Statute: § 325E.61
Effective Date: January 1, 2006
Definition of Personal Information: The first name or initial and surname combined with one or more of the following:
(a) Social security number;
(b) Driver's license or Minnesota identification card number; or
(c) Account number combined with a security code or password that would allow access to a financial account.
Summary: Any person or business that conducts business in this state, and that owns or licenses data that includes personal information, shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of this state whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. The disclosure must be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law 6enforcement or with any measures necessary to determine the scope of the breach, identify the individuals affected, and restore the reasonable integrity of the data system.
Visit the state Web site