Nevada Amends Data Breach Statute to Expand Definition of PII | Practical Law

Nevada Amends Data Breach Statute to Expand Definition of PII | Practical Law

The Governor of Nevada has signed a bill into law expanding the definition of personally identifiable information for purposes of the state's data breach and safeguards statutes.

Nevada Amends Data Breach Statute to Expand Definition of PII

Practical Law Legal Update 7-614-0147 (Approx. 3 pages)

Nevada Amends Data Breach Statute to Expand Definition of PII

by Practical Law Intellectual Property & Technology
Published on 20 May 2015Nevada
The Governor of Nevada has signed a bill into law expanding the definition of personally identifiable information for purposes of the state's data breach and safeguards statutes.
On May 13, 2015, the Governor of Nevada signed AB 179 into law. The bill expands the definition of "personally identifiable information" (PII) as used in the state's data breach notification statute to add the following data elements:
  • A driver authorization card number.
  • Medical identification number or health insurance identification number.
  • User name, unique identifier or e-mail address in combination with a password, access code or security question and answer that would permit access to an online account.
In addition, the bill amends the exclusion from PII for publicly available information to limit it to information available from federal, state or local government records.
AB 179 will also apply to the state's personal information safeguard laws and will go into effect July 1, 2015.