533.331 Data breach — duty to notify.
1. In accordance with
12 C.F.R. pt. 748
, Appendix B, a state credit union shall maintain an information security response program that includes procedures for notifying the credit union division as soon as possible after the credit union becomes aware of an incident involving unauthorized access to or use of sensitive member information that would permit access to the member’s account, as further detailed in
12 C.F.R. pt. 748
.
2. State credit unions that experience an information security breach may be subject to chapter 715C.
2016 Acts, ch 1030, §7