Delaware data breach notification

Delaware HB 116 of 2005 requires that any person who conducts business in this State and who owns, licenses, or maintains computerized data that includes personal information shall provide notice of any breach of security, following determination of

the breach of security, to any resident of this state whose personal information was breached or is reasonably believed to have been breached; unless, after an appropriate investigation, the person reasonably determines that the breach of security is unlikely to result in harm to the individuals whose personal information has been breached.

The policy detects combinations of Personally Identifiable Information (PII) like social security, credit card, and driver’s license numbers. The rules for this policy are:

• Delaware Data Breach Notification: Name and SSN
• Delaware Data Breach Notification: Name and CCN
• Delaware Data Breach Notification: Name and Password (Wide)
• Delaware Data Breach Notification: Name and Password (Default)
• Delaware Data Breach Notification: Name and Password (Narrow)
• Delaware Data Breach Notification: Password Dissemination for HTTP Traffic (Wide)
• Delaware Data Breach Notification: Password Dissemination for HTTP Traffic (Default)
• Delaware Data Breach Notification: Password Dissemination for HTTP Traffic (Narrow)
• Delaware Data Breach Notification: Account and Password
• Delaware Data Breach Notification: Credit cards and Sensitive Disease or drug
• Delaware Data Breach Notification: Credit Card and Common Medical Condition