Rhode Island identity theft protection act

Rhode Island HB 6191 of 2006 requires that any municipal agency, state agency, or person that stores, owns, collects, processes, maintains, acquires, uses, or licenses data that includes personal information shall provide notification as set forth in this section of any disclosure of personal information, or any breach of the security of the system, that poses a significant risk of identity theft to any resident of Rhode Island whose personal information was, or is reasonably believed to have been, acquired by an unauthorized person or entity. The policy detects combinations of Personally Identifiable Information (PII) like social security, credit card, and driver’s license numbers. The rules for this policy are:

• Rhode Island Identity Theft Protection Act: Name and SSN
• Rhode Island Identity Theft Protection Act: Name and DL
• Rhode Island Identity Theft Protection Act: Name and CCN
• Rhode Island Identity Theft Protection Act: Name and Password (Wide)
• Rhode Island Identity Theft Protection Act: Name and Password (Default)
• Rhode Island Identity Theft Protection Act: Name and Password (Narrow)
• Rhode Island Identity Theft Protection Act: Password Dissemination for HTTP Traffic (Wide)
• Rhode Island Identity Theft Protection Act: Password Dissemination for HTTP Traffic (Default)
• Rhode Island Identity Theft Protection Act: Password Dissemination for HTTP Traffic (Narrow)
• Rhode Island Identity Theft Protection Act: Account and Password