Effective 1-1-2026. Sec. 3. A controller that discloses pseudonymous data or de-identified data shall exercise reasonable oversight to monitor compliance with any contractual commitments to which the pseudonymous data or de-identified data is subject and shall take appropriate steps to address any breaches of those contractual commitments. IC 24-15-8 Chapter 8. Limitations 24-15-8-1 Permissible activities by controllers and processors 24-15-8-2 Collecting, using, or retaining data; permissible purposes 24-15-8-3 Evidentiary privilege; exemption from obligations concerning personal data 24-15-8-4 Disclosure of personal data to third party controller or processor 24-15-8-5 Personal rights or freedoms; free speech; personal data in context of purely personal or household activity 24-15-8-6 Controller not required to disclose trade secrets 24-15-8-7 Processing of personal data for authorized purposes; collection, use, or retention of personal data; burden of proof for exemption Effective 1-1-2026.
‹ Prev All Indiana sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.