- (a) K.S.A. 2025 Supp. 9-551 through 9-554, and amendments thereto, shall be known and may be cited as the Kansas financial institutions information security act.
- (b) The purpose of the Kansas financial institutions information security act is to establish information security standards for any covered entity consistent with 16 C.F.R. § 314, as in effect on July 1, 2023.
- (c) The Kansas financial institutions information security act applies to the handling of customer information by the following covered entities: (1) Credit services organizations, as defined in K.S.A. 50-1117, and amendments thereto; (2) mortgage companies, as defined in K.S.A. 9-2201, and amendments thereto; (3) supervised lenders, as defined in K.S.A. 16a-1-301, and amendments thereto; (4) financial institutions engaging in money transmission, as defined in K.S.A. 9-508, and amendments thereto; (5) trust companies, as defined in K.S.A. 9-701, and amendments thereto; and (6) technology-enabled fiduciary financial institutions, as defined in K.S.A. 9-2301, and amendments thereto.
- (d) The commissioner may adopt all rules and regulations necessary to govern and administer the provisions of the Kansas financial institutions information security act.
- (e) The Kansas financial institutions information security act shall be a part of and supplemental to chapter 9 of the Kansas Statutes Annotated, and amendments thereto.
L. 2023, ch. 54, § 1; April 27.