128 chapters · 1,241 sections in this title.
N.D.C.C. § 54-59.1-01 Definitions
4.7K chars
As used in this chapter, unless the context otherwise requires: 1. "Breach" means unauthorized access or acquisition of computerized data that has not been secured by encryption or other methods or technology that renders electronic files, media, or databases unreadable or unusab…
N.D.C.C. § 54-59.1-02 Immediate disclosure to the department
0.9K chars
An entity shall disclose to the department an identified or suspected cybersecurity incident that affects the confidentiality, integrity, or availability of information systems, data, or services. Disclosure must be made in the most expedient time possible and without unreasonabl…
N.D.C.C. § 54-59.1-03 Ongoing disclosure to the department during a cybersecurity incident
1.0K chars
Until a cybersecurity incident is resolved, an entity shall disclose clarifying details regarding a cybersecurity incident to the department, including: 1. The number of potentially exposed records; 2. The type of records potentially exposed, including health insurance informatio…
N.D.C.C. § 54-59.1-04 Disclosure to the department - Legislative and judicial branches
0.2K chars
The legislative and judicial branches may disclose to the department cybersecurity incidents that affect the confidentiality, integrity, or availability of information systems, data, or services.
N.D.C.C. § 54-59.1-05 Method of disclosure of cybersecurity incidents
0.1K chars
The department shall establish and make known methods an entity must use to securely disclose cybersecurity incidents to the department.
N.D.C.C. § 54-59.1-06 Statewide cybersecurity incident response
0.2K chars
The department, to the extent possible, shall provide consultation services and other resources to assist entities and the legislative and judicial branches in responding to and remediating cybersecurity incidents.
N.D.C.C. § 54-59.1-07 Disclosure to the legislative management
0.6K chars
The department shall report to the legislative management all disclosed cybersecurity incidents as required by this chapter, including the status of the cybersecurity incident and any response or remediation to mitigate the cybersecurity incident. The department shall ensure all …