(a) AS 21.23.250 and 21.23.260 do not apply to (1) a licensee, including an independent contractor, with fewer than 10 employees; (2) a licensee if the licensee is an employee, agent, representative, or designee of another licensee covered by an information security program. (b) AS 21.23.240 - 21.23.399 do not apply to a licensee subject to the Health Insurance Portability and Accountability Act of 1996 (P.L. 104-191) if the licensee (1) has established and maintains an information security program under statutes, regulations, procedures, or guidelines established under the Health Insurance Portability and Accountability Act of 1996 (P.L. 104-191); (2) is in compliance with the statutes, regulations, procedures, and guidelines established under the Health Insurance Portability and Accountability Act of 1996 (P.L. 104-191); and (3) submits to the director a written statement certifying that the licensee is in compliance with the statutes, regulations, procedures, and guidelines established under the Health Insurance Portability and Accountability Act of 1996 (P.L. 104-191). (c) If a licensee no longer qualifies for an exception to the applicability of AS 21.23.240 - 21.23.399 under this section, the licensee shall comply with AS 21.23.240 - 21.23.399 within 180 days after the licensee no longer qualifies for the exception.
‹ Prev All Alaska sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.