Sec. 5. (a) Any state agency that owns or licenses computerized data that includes personal information shall disclose a breach of the security of the system following discovery or notification of the breach to any state resident whose unencrypted personal information was or is reasonably believed to have been acquired by an unauthorized person.
(b) The disclosure of a breach of the security of the system shall be made:
(1) without unreasonable delay; and
(2) consistent with:
(A) the legitimate needs of law enforcement, as described in section 7 of this chapter; and
(B) any measures necessary to:
(i) determine the scope of the breach; and
(ii) restore the reasonable integrity of the data system.
As added by P.L.91-2005, SEC.2.
Structure Indiana Code
Title 4. State Offices and Administration
Article 1. Miscellaneous Provisions
Chapter 11. Notice of Security Breach
4-1-11-2. "Breach of the Security of the System"
4-1-11-3. "Personal Information"
4-1-11-5. Disclosures of Security Breach
4-1-11-6. Notification to Third Party Owner of Security Breach
4-1-11-7. Time Requirement for Notification
4-1-11-8. Form of Notification