as introduced - 91st Legislature (2019 - 2020) Posted on 01/17/2019 02:39pm
A bill for an act
relating to government data practices; expanding the requirement for notification
of security breaches; amending Minnesota Statutes 2018, section 13.055,
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:
Minnesota Statutes 2018, section 13.055, subdivision 1, is amended to read:
For purposes of this section, the following terms have the
meanings given to them.
(a) "Breach of the security of the data" means unauthorized acquisition of data maintained
by a government entity that compromises the security and classification of the data. Good
faith acquisition of or access to government data by an employee, contractor, or agent of a
government entity for the purposes of the entity is not a breach of the security of the data,
if the government data is not provided to or viewable by an unauthorized person, or accessed
for a purpose not described in the procedures required by section 13.05, subdivision 5. For
purposes of this paragraph, data maintained by a government entity includes data maintained
by a person under a contract with the government entity that provides for the acquisition of
or access to the data by an employee, contractor, or agent of the government entity.
(b) "Contact information" means either name and mailing address or name and e-mail
address for each individual who is the subject of data maintained by the government entity.
(c) "Unauthorized acquisition" means that a person has obtained, accessed, or viewed
government data without the informed consent of the individuals who are the subjects of
the data or statutory authority deleted text beginand with the intent to use the data for nongovernmental
purposesdeleted text end.
(d) "Unauthorized person" means any person who accesses government data without a
work assignment that reasonably requires access, or regardless of the person's work
assignment, for a purpose not described in the procedures required by section 13.05,