North Carolina Identity Theft Protection Act

North Carolina SB 1048 of 2005 requires that any business that owns or licenses personal information of residents of North Carolina or any business that conducts business in North Carolina that owns or licenses personal information in any form (whether computerized, paper, or otherwise) shall provide notice to the affected person that there has been a security breach, following discovery or notification of the breach. The policy detects combinations of Personally Identifiable Information (PII) like social security, credit card, and driver’s license numbers. The rules for this policy are:

• North Carolina Identity Theft Protection Act: Name and SSN
• North Carolina Identity Theft Protection Act: Name and DL
• North Carolina Identity Theft Protection Act: Name and CCN