Ga. Comp. R. & Regs. 80-1-3-.04

Current through Rules and Regulations filed through December 24, 2024

Rule 80-1-3-.04 - Notification of Computer Security Incident

Pursuant to 12 C.F.R. Part 304 and 12 CFR Part 225 banks and bank holding companies are required to notify the appropriate federal regulator no later than 36 hours after the financial institution determinates that a computer security incident, which rises to the level of a notification incident, has occurred. A computer security incident is an occurrence that results in actual harm to the confidentiality, integrity, or availability of an information system or the information that the system processes, stores, or transmits. If notification of a computer security incident is required to be provided under federal law, then a duplicate of such notification will simultaneously be submitted to the Department.

Ga. Comp. R. & Regs. R. 80-1-3-.04

O.C.G.A. § 7-1-61.

Original Rule entitled "Applicability of Regulation to National Banks and Others" was filed on April 11, 1973; effective May 1, 1973.

Amended: Filed August 28, 1975: effective September 17, 1975.

Amended: Rule repealed and a new Rule of the same title adopted. Filed July 13, 1981; effective August 2, 1981.

Repealed: F. Oct. 12, 1989; eff. Nov. 1, 1989.

Adopted: New Rule entitled "Notification of Computer Security Incident." F. July 7, 2022; eff. July 27, 2022.