Idaho data breach notification

Idaho SB 1374 of 2006 requires a city, county, or stage agency, individual, or commercial entity that conducts business in Idaho and that owns or licenses computerized data that includes personal information about a resident of Idaho shall, when it becomes aware of a breach of the security of the system, conduct in good faith a reasonable and prompt investigation to determine the likelihood that personal information has been or will be misused. If the investigation determines that the misuse of information about an Idaho resident has occurred or is reasonably likely to occur, the agency, individual, or commercial entity shall give notice as soon as possible to the affected Idaho resident. The policy detects combinations of Personally Identifiable Information (PII) like social security, credit card, and driver’s license numbers. Additional rules detect passwords and account numbers. The rules for this policy are:

• Idaho Data Breach Notification: Name and SSN
• Idaho Data Breach Notification: Name and DL
• Idaho Data Breach Notification: Name and CCN
• Idaho Data Breach Notification: Name and Password (Wide)
• Idaho Data Breach Notification: Name and Password (Default)
• Idaho Data Breach Notification: Name and Password (Narrow)
• Idaho Data Breach Notification: Password Dissemination for HTTP Traffic (Wide)
• Idaho Data Breach Notification: Password Dissemination for HTTP Traffic (Default)
• Idaho Data Breach Notification: Password Dissemination for HTTP Traffic (Narrow)
• Idaho Data Breach Notification: Account and Password