House Bill: 1660
New Hampshire Revised Statute Annotated: § 359-C:19 to 21
Effective Date: January 1, 2007
Definition of Personal Information: An individual’s first name or initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted:
(a) Social security number;
(b) Driver’s license number or other government ID number;
(c) Account number, credit card number or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account.
Summary: Any person doing business in this state who owns or licenses computerized data that includes personal information shall, when it becomes aware of a security breach, promptly determine the likelihood that the information has been or will be misused. If the determination is that misuse of the information has occurred or is reasonably likely to occur, or if a determination cannot be made, the person shall notify the affected individuals as soon as possible as required under this subdivision.
Visit the state Web site