COMMUNICATIONS, TECHNOLOGY AND INNOVATION
1. Line 5, introduced, Title, after 38.2-4319,
strike
38.2-4409
insert
38.2-4408
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
2. Line 16, introduced, after 38.2-4319,
strike
38.2-4409
insert
38.2-4408
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
3. Line 715, introduced, after Commonwealth.
strike
the remainder of line 715 and through organization. on line
716
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
4. Line 745, introduced, after means
insert
(i)
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
5. Line 747, introduced, after licensee
insert
or (ii) an insurance-support organization
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
6. Line 923, introduced, after person
insert
and the cybersecurity event has a reasonable likelihood of
causing or has caused identity theft or other fraud to such consumers
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
7. Line 927, introduced, after of the
strike
insurance-support organization or
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
8. Line 934, introduced, after of the
strike
insurance-support organization or
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
9. Line 935, introduced, after the
strike
insurance-support organization or
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
10. Line 937, introduced, after the
strike
insurance-support organization or
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
11. Line 939, introduced, after the
strike
insurance-support organization or
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
12. Line 941, introduced, after of the
strike
insurance-support organization or
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
13. Line 941, introduced, after if the
strike
the remainder of line 941
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
14. Line 943, introduced, after event
strike
an insurance-support organization or
insert
that a
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
15. Line 944, introduced, after the
strike
an insurance-support organization or
COMMUNICATIONS, TECHNOLOGY AND INNOVATION
16. After line 954, introduced
insert
F. If there is a cybersecurity event in a system maintained by
a third-party service provider, the licensee, once it has become aware of such
cybersecurity event, shall treat such event as it would under this section,
unless the third-party service provider provides notice in accordance with this
section. The computation of a licensee's deadlines shall begin on the day after
the third-party service provider notifies a licensee of the cybersecurity event
or the licensee otherwise has actual knowledge of the cybersecurity event,
whichever is sooner.