§ 6-52-4. Exemptions.
This chapter does not apply to any of the following:
(1) Any bank, credit union, or financial institution as defined under the federal Gramm Leach Bliley Law that is subject to the regulation of the Office of the Comptroller of Currency; the Federal Reserve; the National Credit Union Administration; the Securities and Exchange Commission; the Federal Deposit Insurance Corporation; the Federal Trade Commission; the Office of Thrift Supervision; and the U.S. Department of the Treasury or the Department of Business Regulation; and is subject to the privacy and security provisions of the Gramm Leach Bliley Act, 15 U.S.C. § 6801 et seq;
(2) Any health insurer, non-profit hospital, or medical service corporation, as defined in chapters 19 and 20 of title 27, and any health care facility that is subject to the standards for privacy of individually identifiable health information and the security standards for the protection of electronic health information of the Health Insurance Portability and Accountability Act of 1996;
(3) Any consumer report agency that is subject to, and in compliance with, the Federal Credit Reporting Act. 15 U.S. C. § 1681 et seq., as amended; or
(4) Any business that enters into a contractual agreement with another business to complete the destruction of a customer's personal information and has physical evidence of that contractual agreement.
(P.L. 2009, ch. 247, § 1; P.L. 2009, ch. 285, § 1; P.L. 2014, ch. 528, § 39.)