State Identity Theft andPrivacy Legislations - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

State Identity Theft andPrivacy Legislations

Description:

... resident of the state whose unencrypted personal information was, or is ... to, a person's name, address, telephone number, driver license or state personal ... – PowerPoint PPT presentation

Number of Views:62
Avg rating:3.0/5.0
Slides: 10
Provided by: jaci47
Category:

less

Transcript and Presenter's Notes

Title: State Identity Theft andPrivacy Legislations


1
State Identity Theft and Privacy Legislations
  • R. J. Schlecht

2
Regulatory Compliance
  • Real Estate Statement Procedures Act (RESPA)
  • Truth In Lending Act (TILA)
  • Home Ownership and Equity Protection Act
  • Equal Credit Opportunity Act (ECOA)
  • Fair Credit Report Act (FCRA)
  • Home Mortgage Disclosure Act (HMDA)
  • Community Reinvestment Act (CRA)
  • Predatory Lending
  • Gramm-Leach-Bliley Act (GLB)
  • No notification requirement
  • SOX
  • Federal, State, and Local

3
Notification Bills
  • Any person or business that conducts business in
    this state and that maintains computerized data
    that includes personal information shall disclose
    any breach of the security of the system
    following discovery or notification of the breach
    of the security of the data to any resident of
    the state whose unencrypted personal information
    was, or is reasonably believed to have been,
    acquired by an unauthorized person.

4
CA SB 1386
  • An individual's first name or first initial and
    last name in combination with any one or more of
    the following data elements, when either the name
    or the data elements are not encrypted
  • Social security number.
  • Driver's license number or CA Identification Card
    number.
  • Account number, credit or debit card number, in
    combination with any required security code,
    access code, or password that would permit access
    to an individual's financial account.
  • Personal information does not include any
    publicly available information

5
Tricky Characteristics
  • Define the terms "breach of the security of the
    system" and "personal information"
  • Computerized (or not)
  • unauthorized access to or acquisition of
    electronic files, media, databases or
    computerized data containing personal information
  • Confidentiality or Integrity (subjective)
  • unauthorized acquisition of computerized data
    that compromise the security, confidentiality or
    integrity of personal information that is
    maintained by an entity.
  • Encryption (or not)
  • personal information has not been secured by
    encryption or by any other method or technology
    that renders the personal information unreadable
    or unusable.
  • Whos to say the encryption is any good?
  • Bills can be wrapped in other identity theft
    legislation
  • Misdemeanor, Class ? Felony, Security freeze,
    Credit Bureau, Protection of Social Security
    Number, Disposal of Records, etc.

6
Interesting Assets
  • Michigan S. B. 0309
  • "Personal identifying information" means a name,
    number, or other information that is used for the
    purpose of identifying a specific person or
    providing access to a person's financial
    accounts, including, but not limited to, a
    person's name, address, telephone number, driver
    license or state personal identification card
    number, social security number, place of
    employment, employee identification number,
    employer or taxpayer identification number,
    government passport number, health insurance
    identification number, mother's maiden name,
    demand deposit account number, savings account
    number, financial transaction device account
    number or the person's account password, stock or
    other security certificate or account number,
    credit card number, vital record, or medical
    records or information.
  • North Carolina S. B. 1048 / H. B. 1248
  • The term "identifying information" as used in
    this Article includes the following Social
    security numbers, Drivers license, State
    identification card, or passport numbers,
    Checking account numbers, Savings account
    numbers, Credit card numbers, Debit card numbers.
    Personal Identification (PIN) Code, Electronic
    identification numbers, electronic mail, Internet
    accounts, or Internet identification. Digital
    signatures, Any other numbers or information that
    can be used to access a person's financial,
    resources, Biometric data, Fingerprints,
    Passwords, Parent's legal surname prior to
    marriage.

7
(No Transcript)
8
Recommendation to Review Policy
  • Recommend adding a definition for personal and
    private information.
  • Non-Private Information
  • Private Information
  • Sensitive Personal Information
  • Recommend adding a definition for a security
    breach.
  • Recommend rewording item to include the
    protection of personal private information
  • Consider adding a section regarding the notice
    and publication of privacy policies.
  • Consider adding a section regarding the
    notification of security breach.

9
Contact Info
  • R. J. Schlecht
  • Director, Industry Technology Security and
    Compliance
  • Mortgage Bankers Association (MBA)
  • rschlecht_at_mortgagebankers.org
  • (202) 557-2843
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "State Identity Theft andPrivacy Legislations" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!