Idaho
Privacy Laws
Overview
BREACH NOTIFICATION – Mandated Timeframe
Without unreasonable delay
FINES & PENALTIES – Violations
Up to $25,000 per breach
Regulation Levels
-
Breach Reporting
-
Consumer Notification
-
Vendor Management
-
Vendor Contract Required
PRIVACY AND SECURITY LAWS
Laws related to personal information and privacy and security.
Breach Reporting
Required
Vendor Obligations
Required
Consumer Notification
Required
Vendor Contracts
Not Required
Vendor Notification
Required
Privacy Program
Not Required
QUICK FACTS
Idaho Privacy Law Information
There are specific considerations when determining if a breach is reportable. Notifications may only be given by specific methods. The breach notification law applies to any person or entity conducting business in the state who licenses or maintains personal information in the course of business.
If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.
Vendors must notify Organizations upon discovery of a breach or suspected breach. The Organization is responsible for submitting any required regulatory reporting and consumer notifications. Vendors must cooperate with Organizations by providing all necessary information about a breach.
Organizations may be fined or penalized for Vendor violations. The Attorney General may bring a civil action for violations of and enforce compliance with security breach requirements.
Idaho Statutes and Laws
Payment card receipts
Identity theft – definitions
Disclosure of breach of security of computerized personal information by an agency, individual or a commercial entity
Procedures deemed in compliance with security breach requirements
Violations
Credit report protection act
Protection of personal information
DISCLAIMER
The information provided is not legal guidance or recommendations and are for informational purposes only.