RS 51:3073     

§3073. Definitions

            As used in this Chapter, the following terms shall have the following meanings:

            (1) "Agency" means the state, a political subdivision of the state, and any officer, agency, board, commission, department or similar body of the state or any political subdivision of the state.

            (2) "Breach of the security of the system" means the compromise of the security, confidentiality, or integrity of computerized data that results in, or there is a reasonable likelihood to result in, the unauthorized acquisition of and access to personal information maintained by an agency or person. Good faith acquisition of personal information by an employee or agent of an agency or person for the purposes of the agency or person is not a breach of the security of the system, provided that the personal information is not used for, or is subject to, unauthorized disclosure.

            (3) "Person" means any individual, corporation, partnership, sole proprietorship, joint stock company, joint venture, or any other legal entity.

            (4)(a) "Personal information" means the first name or first initial and last name of an individual resident of this state in combination with any one or more of the following data elements, when the name or the data element is not encrypted or redacted:

            (i) Social security number.

            (ii) Driver's license number or state identification card number.

            (iii) Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual's financial account.

            (iv) Passport number.

            (v) Biometric data. "Biometric data" means data generated by automatic measurements of an individual's biological characteristics, such as fingerprints, voice print, eye retina or iris, or other unique biological characteristic that is used by the owner or licensee to uniquely authenticate an individual's identity when the individual accesses a system or account.

            (b) "Personal information" shall not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.

            Acts 2005, No. 499, §1, eff. Jan. 1, 2006; Acts 2018, No. 382, §1.