Enhance your TRUST relationship with PRIVACY and SECURITY. Privacy Made Simple!

   +1 866 267 0049   830 NE Pop Tilton Place, Jensen Beach, FL 34957

Alaska
Privacy Laws

Overview

BREACH NOTIFICATION – Mandated Timeframe
Without unreasonable delay

FINES & PENALTIES – Violations
$500 to $50,000 per resident

Legal

Regulation Levels

  • Breach Reporting

    Breach Reporting

  • Consumer Notification

    Consumer Notification

  • Vendor Management

    Vendor Management

  • Vendor Contract Required

    Vendor Contract Required

PRIVACY AND SECURITY LAWS

Laws related to personal information and privacy and security.

QUICK FACTS

Alaska Privacy Law Information

PRIVACY PROGRAM

Organizations and Vendors are required to implement and maintain security measures to protect the sensitive personal information during and after disposal to prevent a breach. Organizations must use due diligence by entering into a written contract with Vendors engaged in the business of record destruction to dispose of records containing personal information. Vendors must be assessed by Organizations to show compliance with mandated protections during disposal.

BREACH REPORTING

If breach notification is required to more than 1,000 residents, it must be reported, without unreasonable delay, to all consumer reporting agencies with specific information. Breach of security regulations in Alaska cover unauthorized acquisition of personal information held in either electronic or paper form. If an organization investigates a suspected breach and reasonably determines that affected consumers are unlikely to suffer harm, consumer notification is not required. However, notification must be sent to the state Attorney General stating such determination, and the organization must maintain internal documentation for at least 5 years.

CONSUMER NOTIFICATION

If your breach affects residents in other jurisdictions, those individuals must be notified based on the breach notification laws of the jurisdiction where they reside.

VENDOR/THIRD PARTIES

If Organization relinquishes control by contract with Vendor for disposal, Organization is no longer liable for the disposal of the records. Vendors must notify Organizations upon discovery of a breach or suspected breach. The Organization is responsible for submitting any required regulatory reporting and consumer notifications. Vendors must cooperate with Organizations and provide all necessary information about a breach incident.

FINES & PENALTIES

Organizations may be fined or penalized for Vendor violations. An individual, an organization, or a governmental agency that knowingly violates the disposal regulations may be fined up to $3,000. An individual harmed by violations of the disposal regulations may bring a civil action to recover actual damages, costs and fees. Organizations must protect an individual’s social security number and credit card number through truncation or face a state civil penalty of up to $3,000 in damages, as well as an individual action for actual economic damages, costs and fees.

State Statutes and Laws

AK STAT CHAPTER 45.48

Personal information protection act

AK STAT §§ 45.48.010 – 45.48.090

Disclosure of breach of security

AK STAT §§ 45.48.400 – 45.48.480

Use of social security number

AK STAT §§ 45.48.500 – 45.48.590

Disposal of records

AK STAT § 45.48.750

Truncation of card information

DISCLAIMER

The information provided is not legal guidance or recommendations and are for informational purposes only.