Nevada Revised Statutes
Chapter 603A - Security and Privacy of Personal Information
NRS 603A.040 - "Personal information" defined.


1. "Personal information" means a natural person’s first name or first initial and last name in combination with any one or more of the following data elements, when the name and data elements are not encrypted:
(a) Social security number.
(b) Driver’s license number, driver authorization card number or identification card number.
(c) Account number, credit card number or debit card number, in combination with any required security code, access code or password that would permit access to the person’s financial account.
(d) A medical identification number or a health insurance identification number.
(e) A user name, unique identifier or electronic mail address in combination with a password, access code or security question and answer that would permit access to an online account.
2. The term does not include the last four digits of a social security number, the last four digits of a driver’s license number, the last four digits of a driver authorization card number or the last four digits of an identification card number or publicly available information that is lawfully made available to the general public from federal, state or local governmental records.
(Added to NRS by 2005, 2504; A 2005, 22nd Special Session, 109; 2007, 1314; 2011, 2411; 2015, 241)

<< Previous
Next >>

Structure Nevada Revised Statutes

Nevada Revised Statutes

Chapter 603A - Security and Privacy of Personal Information

NRS 603A.010 - Definitions.

NRS 603A.020 - "Breach of the security of the system data" defined.

NRS 603A.030 - "Data collector" defined.

NRS 603A.040 - "Personal information" defined.

NRS 603A.100 - Applicability; waiver of provisions prohibited.

NRS 603A.200 - Destruction of certain records.

NRS 603A.210 - Security measures.

NRS 603A.215 - Security measures for data collector that accepts payment card; use of encryption; liability for damages; applicability.

NRS 603A.217 - Alternative methods of and technologies for encryption: Adoption of regulations.

NRS 603A.220 - Disclosure of breach of security of system data; methods of disclosure.

NRS 603A.260 - Violation constitutes deceptive trade practice.

NRS 603A.270 - Civil action.

NRS 603A.280 - Restitution.

NRS 603A.290 - Injunction.

NRS 603A.300 - Definitions.

NRS 603A.310 - "Consumer" defined.

NRS 603A.320 - "Covered information" defined.

NRS 603A.323 - "Data broker" defined.

NRS 603A.325 - "Designated request address" defined.

NRS 603A.330 - "Operator" defined.

NRS 603A.333 - "Sale" defined.

NRS 603A.337 - "Verified request" defined.

NRS 603A.338 - Applicability of provisions.

NRS 603A.340 - Notice regarding covered information collected by operator: Operator required to make available to consumers; contents; exception.

NRS 603A.345 - Submission of verified request to operator not to sell covered information collected by operator; response to verified request.

NRS 603A.346 - Submission of verified request to data broker not to sell covered information purchased by data broker; response to verified request.

NRS 603A.347 - Data broker authorized to remedy first failure to comply with requirements concerning verified request.

NRS 603A.348 - Operator authorized to remedy first failure to comply with notice requirements.

NRS 603A.349 - Operator authorized to remedy first failure to comply with requirements concerning verified request.

NRS 603A.350 - Unlawful acts.

NRS 603A.360 - Enforcement by Attorney General; civil penalty for violation or injunction; no private right of action against operator; provisions not exclusive.