West Virginia consumer credit and protection act

West Virginia SB 340 of 2008 requires that an individual or entity that owns or licenses computerized data that includes personal information shall give notice of any breach of the security of the system, following discovery or notification of the breach of the security of the system, to any resident of this state whose unencrypted and unredacted personal information was, or is reasonably believed to have been, accessed and acquired by an unauthorized person and that causes, or the individual or entity reasonably believes has caused or will cause, identity theft or other fraud to any resident of this state. The policy detects combinations of Personally Identifiable Information (PII) like social security, credit card, and driver’s license numbers. The rules for this policy are:

• West Virginia Consumer Credit and Protection Act: Account and Password
• West Virginia Consumer Credit and Protection Act: Name and CCN
• West Virginia Consumer Credit and Protection Act: Name and Password (Wide)
• West Virginia Consumer Credit and Protection Act: Name and Password (Default)
• West Virginia Consumer Credit and Protection Act: Name and Password (Narrow)
• West Virginia Consumer Credit and Protection Act: Name and SSN
• West Virginia Consumer Credit and Protection Act: Password Dissemination for HTTP Traffic (Wide)
• West Virginia Consumer Credit and Protection Act: Password Dissemination for HTTP Traffic (Default)
• West Virginia Consumer Credit and Protection Act: Password Dissemination for HTTP Traffic (Narrow)