Rhode Island identity theft protection act of 2005 is an act that asks the businesses to inform the people if a security breach takes place in their personal information. The investigation then needs to be done to check that whether the security breach has put the personal information of the individuals at risk or not. The act guides the notification steps to the businesses that they should follow in case of a security breach. The Act got into effect in 2006 on March 1.
The act takes into account all the business operating in Rhode Island and that have the personal information of the residents of Rhode Island. Personal information means first name, last name, social security number, license number, ID card number of Rhode Island, credit card and debit card numbers.
In accordance with the act, all the businesses in the Rhode Island have the responsibility of the consumer records they have in their computers. If the company faces the event of security breach and because of the personal information is disclosed to the third parties, then it is the duty of the company to inform the people about the risk of their information to be stolen. The businesses can reduce the leakage of personal information of their consumers to third parties in case of security breach by monitoring and controlling the data stored in their computers. The companies shall delete all the computer backups that have the personal information and are not needed immediately. Likewise, other modes of backups like CDs, flash drives and other modes shall be destroyed if not needed.
The businesses must inform the residents of Rhode Island whenever their personal information is obtained by the company or is considered to be taken by third parties. If the cost of information gets more than $25,000 or if the number of people affected increases more than 50,000, then other modes of informing shall be followed by the businesses. If a business investigates properly and finds out that the security breach has not put the personal information at risk, then there is no need to inform people. If a business violates this act, the penalty of at most $25,000 can be imposed on the business.
The act makes the business more protective regarding your personal information and they tend to keep it as secure as possible. If any security breach takes place, the first thing they do is to check whether the personal information has been stolen or not and if the personal information has been stolen, then they act in the best way possible and inform the affected individuals as soon as possible. Failure to do so results in businesses paying penalty to the authorities of the Rhode Island. Therefore, businesses stay updated and alert regarding any security breach taking place. They also make sure that security breach does not take place by making their computers and security measures more and more effective. They install passwords and codes that are accessed by the business only and no third party can operate them.