Amend the bill, as and if amended, Part IA, Section 97, STATE TREASURER'S OFFICE, page 286, by inserting after line 23,
Column 7 Column 8
Department of Revenue Identity Theft Reimbursement Fund 200,000 200,000/
Amend the bill further, as and if amended, Part IB, Section 97, OFFICE OF STATE TREASURER, page 477, after line 16, by adding an appropriately numbered new proviso to read:
/ 97.___. (TREAS: Identity Theft Reimbursement Fund) (A) There is established in the State Treasury the Department of Revenue Identity Theft Reimbursement Fund which must be maintained separately from the general fund of the State and all other funds. The proceeds of the fund must be utilized to reimburse eligible expenses incurred by an eligible person. The obligation to reimburse claims pursuant to this section does not arise until monies are credited to the fund, and only to the extent that monies are credited to the fund. Any monies remaining in the fund at the end of the fiscal year shall lapse to the general fund.
(B)(1) A person seeking reimbursement from the fund must file with the Treasurer a claim on a form prescribed by him and verified by the claimant. The Treasurer shall consider each claim within ninety days after it is filed and give written notice to the claimant if the claim is denied in whole or in part. If a claim is allowed, the Treasurer shall reimburse the eligible person in an amount equal to his eligible expenses subject to availability of monies in the fund. The decision by the Treasurer regarding a claim is a final agency decision that may be appealed to the Administrative Law Court pursuant to the Administrative Procedures Act naming the Treasurer as the defendant. The action must be brought within ninety days after the Treasurer's decision or within one hundred eighty days after the filing of the claim if he has failed to act on it.
(2) With regard to each single occurrence of financial loss, excluding expenses for assistance services, there only may be an eligible person as defined in subsection (D)(1)(a) or (D)(1)(b). If an eligible person, as defined in subsection (D)(1)(b) can provide proof of reimbursing the applicable eligible expense claim, then it is deemed the appropriate eligible person for purposes of this provision.
(C) The State Treasurer shall set forth policies and make the necessary determinations to implement the provisions of this section, including the disbursal of proceeds of the fund.
(D) For the purposes of this provision:
(1) 'Eligible person' shall mean:
(a) a person whose personally identifiable information was obtained by a third party from a compromised computer system maintained by a state agency, board, committee, or commission; and
(b) a financial institution that credits, or otherwise reimburses an eligible person, as defined in subitem (a), of eligible expenses, excluding expenses for assistance services, as an unauthorized transaction.
(2) 'Eligible expenses' shall mean financial losses incurred by an eligible person directly related to the misappropriation of the eligible person's personally identifiable information that was obtained by a third party from a compromised computer system maintained by a state agency, board, committee, or commission. Expenses for services provided by private entities to assist eligible persons with financial losses are not eligible expenses to the extent such services are offered through the State or a state-supported program free of charge.
(3) 'Financial losses' shall mean actual losses, including, but not limited to, lost wages, costs incurred by an eligible person related to correcting his credit history or credit rating, or costs or judgments related to any criminal, civil, or administrative proceeding brought against the eligible person resulting from the misappropriation of the victim's personally identifiable information not recovered from any other source. Costs associated with the purchase of identity theft protection and identity theft resolution services are not financial losses.
(4) 'Identity theft protection' means identity fraud and protection products and services that attempt to proactively detect, notify, or prevent unauthorized access or misuse of a person's identifying information or financial information to fraudulently obtain resources, credit, government documents or benefits, phone or other utility services, bank or savings accounts, loans, or other benefits in the person's name.
(5) 'Identity theft resolution services' means products and services that attempt to mitigate the effects of identity fraud after personally identifiable information has been fraudulently obtained by a third party, including, but not limited to, identity theft insurance and other identity theft resolution services that are designed to resolve actual and potential identity theft and related matters.
(6) 'Person' shall mean an individual, corporation, firm, association, joint venture, partnership, limited liability corporation, or any other business entity.
(7) 'Personally identifiable information' means information that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual, including, but not limited to, social security numbers, debit card numbers, and credit card numbers. /
Renumber sections to conform.
Amend sections, totals and title to conform.