(a) If a breach of the security of the information system containing personal information on a state resident that is maintained by an information recipient occurs, the information recipient is not required to comply with AS 45.48.010 - 45.48.030. However, immediately after the information recipient discovers the breach, the information recipient shall notify the information distributor who owns the personal information or who licensed the use of the personal information to the information recipient about the breach and cooperate with the information distributor as necessary to allow the information distributor to comply with (b) of this section. In this subsection, "cooperate" means sharing with the information distributor information relevant to the breach, except for confidential business information or trade secrets.
(b) If an information recipient notifies an information distributor of a breach under (a) of this section, the information distributor shall comply with AS 45.48.010 - 45.48.030 as if the breach occurred to the information system maintained by the information distributor.
Section: Previous 45.48.010 45.48.020 45.48.030 45.48.040 45.48.050 45.48.060 45.48.070 45.48.080 45.48.090 NextLast modified: November 15, 2016