Nev. Admin. Code § 90.Sec. 32

Current through November 8, 2024
Section 90.Sec. 32 - NEW
1. In the event of discovery of a security breach, the issuer or its agent, as appropriate, will take prompt action to:
(a) Identify and locate the breach;
(b) Secure the affected information;
(c) Suspend the use of the particular device or technology that has been compromised until the security breach has been terminated; and
(d) Provide notice of the security breach to:
(1) The investor whose confidential personal information has been improperly accessed in connection with the security breach; and
(2) The Administrator of each state in which an affected investor resides.
2. The compliance of an issuer or its agent with this section after the discovery of a security breach, or any other breach of personal information, does not substitute, or in any way affect, any other requirement or obligation imposed on the issuer or its agent, including, without limitation, any notification requirement.
3. As used in this section, "security breach" means the unauthorized accessing, acquisition or disclosure of any data that compromises the security or confidentiality of personal information maintained by the person or business. The term is limited to systems, technologies or processes that are used in connection with or introduced into a securities offering in order to implement the use of an electronic offering document or an electronic signature.

Nev. Admin. Code § 90.Sec. 32

Added to NAC by Sec'y of State by R018-21A, eff. 6/2/2023

NRS 90.390, 90.750