(1) As used in this part, "personal information" means: (a) information that identifies or reasonably can be used to identify an individual, such as first and last name in combination with the individual's: (i) social security number or other government-issued number or identifier; (ii) date of birth; (iii) home or physical address; (iv) electronic mail address or other online contact information or Internet provider address; (v) financial account number or credit or debit card number; (vi) biometric data, health or medical data, or insurance information; or (vii) passwords or other credentials that permit access to an online or other account; (b) personally identifiable financial or insurance information, including nonpublic personal information defined by applicable federal law; and (c) any combination of data that, if accessed, disclosed, modified, or destroyed without authorization of the owner of the data, or if lost or misused, would require notice or reporting under Section 13-44-202 and federal privacy and data security law, regardless of whether the administrator or the administrator's agent is subject to the law.
(a) information that identifies or reasonably can be used to identify an individual, such as first and last name in combination with the individual's: (i) social security number or other government-issued number or identifier; (ii) date of birth; (iii) home or physical address; (iv) electronic mail address or other online contact information or Internet provider address; (v) financial account number or credit or debit card number; (vi) biometric data, health or medical data, or insurance information; or (vii) passwords or other credentials that permit access to an online or other account;
(i) social security number or other government-issued number or identifier;
(ii) date of birth;
(iii) home or physical address;
(iv) electronic mail address or other online contact information or Internet provider address;
(v) financial account number or credit or debit card number;
(vi) biometric data, health or medical data, or insurance information; or
(vii) passwords or other credentials that permit access to an online or other account;
(b) personally identifiable financial or insurance information, including nonpublic personal information defined by applicable federal law; and
(c) any combination of data that, if accessed, disclosed, modified, or destroyed without authorization of the owner of the data, or if lost or misused, would require notice or reporting under Section 13-44-202 and federal privacy and data security law, regardless of whether the administrator or the administrator's agent is subject to the law.
(2) A provision of this part that applies to the administrator or the administrator's records applies to an administrator's agent.