Rhode Island General Laws: §§ 11-49.2-1 to 11-49.2-7
House Bill 6191
Effective Date: March 1, 2006
Definition of Personal Information: An individual's first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted:
(a) Social security number;
(b) Driver’s license number or Rhode Island identification card number;
(c) Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual's financial account.
Summary: Any state agency or person that owns, maintains or licenses computerized data that includes personal information, shall disclose any breach of the security of the system which poses a significant risk of identity theft following discovery or notification of the breach in the security of the data to any resident of Rhode Island whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person or a person without authority, to acquire said information. The disclosure shall be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
Visit the state Web site