Alabama Policy 621 Data Breach Notification
This download includes Alabama Policy 621: Data Breach Notification so there are no mapped questions. Use this download if you just want the provisions and you want to create your own question set.
The objective of this policy is to define the requirements and responsibilities for providing notifications when a breach of personal information has occurred.
The requirements and responsibilities defined in OIT policies apply to all departments, agencies, offices, boards, commissions, bureaus, and authorities (referred to generally as agency or agencies) and authorized individuals in the employment of the State of Alabamaresponsible for the management, operation, or use of state IT.
State government is committed to protecting the privacy of Alabama citizens. The Alabama Data Breach Notification Act of 2018 (Act2018-396) requires certain entities to provide notice to certain persons upon a breach of security that results in the unauthorized acquisition of sensitive personally identifying information (PII).
This policy supports implementation of the Alabama Data Breach Notification Act and expands the provisions and requirements of the Act as follows. This policy does not replace the Act or any other law or industry standard regarding breach notification.
Getting StartedClick "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.
|Type||Laws or related obligations|