Learn More
Log In
Sign Up
Nev. Rev. Stat. ch. 603A – Security and Privacy of Personal Information | Midpage
Collections
Nevada Revised Statutes
Title 52
Chapter 603A
Nev. Rev. Stat. ch. 603A
Security and Privacy of Personal Information
603A.010
Definitions
603A.020
“Breach of the security of the system data” defined
603A.030
“Data collector” defined
603A.040
“Personal information” defined
603A.100
Applicability; waiver of provisions prohibited
603A.200
Destruction of certain records
603A.210
Security measures
603A.215
Security measures for data collector that accepts payment card; use of encryption; liability for damages; applicability
603A.217
Alternative methods of and technologies for encryption: Adoption of regulations
603A.220
Disclosure of breach of security of system data; methods of disclosure; applicability
603A.260
Violation constitutes deceptive trade practice
603A.270
Civil action
603A.280
Restitution
603A.290
Injunction
603A.300
Definitions
603A.310
“Consumer” defined
603A.320
“Covered information” defined
603A.323
“Data broker” defined
603A.325
“Designated request address” defined
603A.330
“Operator” defined
603A.333
“Sale” defined
603A.337
“Verified request” defined
603A.338
Applicability of provisions
603A.340
Notice regarding covered information collected by operator: Operator required to make available to consumers; contents; exception
603A.345
Submission of verified request to operator not to sell covered information collected by operator; response to verified request
603A.346
Submission of verified request to data broker not to sell covered information purchased by data broker; response to verified request
603A.347
Data broker authorized to remedy first failure to comply with requirements concerning verified request
603A.348
Operator authorized to remedy first failure to comply with notice requirements
603A.349
Operator authorized to remedy first failure to comply with requirements concerning verified request
603A.350
Unlawful acts
603A.360
Enforcement by Attorney General; civil penalty for violation or injunction; no private right of action against operator; provisions not exclusive
603A.400
Definitions
603A.405
Affiliate” defined
603A.410
Authenticate” defined
603A.415
Biometric data” defined
603A.420
Collect” defined
603A.425
Consumer” defined
603A.430
Consumer health data” defined
603A.435
Gender-affirming care” defined
603A.440
Genetic data” defined
603A.445
Health care services or products” defined
603A.450
Precise geolocation information” defined
603A.455
Process” defined
603A.460
Processor” defined
603A.465
Regulated entity” defined
603A.470
Reproductive or sexual health care” defined
603A.475
Sell” defined
603A.480
Share” defined
603A.485
Third party” defined
603A.490
Applicability
603A.495
Regulated entity required to develop and maintain policy concerning privacy of consumer health data; policy to be posted on Internet website maintained by regulated entity; prohibited acts
603A.500
Collection and sharing of consumer health data by regulated entity prohibited; exceptions; required disclosures for request for consent to collect or share consumer health data
603A.505
Actions required of regulated entity upon request of consumer; establishment of means of making request
603A.510
Response by regulated entity to request by consumer; inability to authenticate request; fee; challenge to validity of fee charged
603A.515
Deletion of consumer health data upon request by consumer; deletion by third party; delay of deletion of data on archived or backup system
603A.520
Regulated entity to establish process for appeal of refusal to act on request by consumer; regulated entity required to inform consumer in writing after receipt of appeal
603A.525
Regulated entity to limit authority of employees and processors to access consumer health data; regulated entity to establish, implement and maintain policies and practices for security of consumer health data
603A.530
Limitations on authority to process consumer health data pursuant to contract; processor to assist regulated entity to comply with law; liability of processor for acts inconsistent with contractual provisions
603A.535
Unauthorized sale or offering of consumer health data prohibited; provision of goods or services conditioned upon authorization of sale of consumer health data prohibited; required contents of authorization; revocation; expiration; invalidity; provision and retention of copies
603A.540
Implementation of geofence near certain facilities, persons or entities that provide in-person health care services or products prohibited
603A.545
Discrimination prohibited
603A.550
Violation constitutes deceptive trade practice; no private right of action; other provisions of law unimpaired