As used in this chapter:

(1) “Chief privacy officer” means the individual appointed under Section 63A-19-302.
lawyer at desk

Ask a business law question, get an answer ASAP!
Thousands of highly rated, verified business lawyers.
Click here to chat with a lawyer about your rights.

Terms Used In Utah Code 63A-19-101

  • Agency: means a board, commission, institution, department, division, officer, council, office, committee, bureau, or other administrative unit of the state, including the agency head, agency employees, or other persons acting on behalf of or under the authority of the agency head, the Legislature, the courts, or the governor, but does not mean a political subdivision of the state, or any administrative unit of a political subdivision of the state. See Utah Code 63A-1-103
  • Commission: means the Utah Privacy Commission established in Section 63C-24-102. See Utah Code 63A-19-101
  • Corporation: A legal entity owned by the holders of shares of stock that have been issued, and that can own, receive, and transfer property, and carry on business in its own name.
  • Cyber Center: means the Utah Cyber Center created in Section 63A-16-1102. See Utah Code 63A-19-101
  • Department: means the Department of Government Operations. See Utah Code 63A-1-103
  • Governing board: means the Utah Privacy Governing Board established in Section 63A-19-201. See Utah Code 63A-19-101
  • Governmental entity: means the same as that term is defined in Section 63G-2-103. See Utah Code 63A-19-101
  • Individual: means the same as that term is defined in Section 63G-2-103. See Utah Code 63A-19-101
  • Office: means the Office of Data Privacy created in Section 63A-19-301. See Utah Code 63A-19-101
  • Ombudsperson: means the data privacy ombudsperson appointed under Section 63A-19-501. See Utah Code 63A-19-101
  • Person: means :
         (24)(a) an individual;
         (24)(b) an association;
         (24)(c) an institution;
         (24)(d) a corporation;
         (24)(e) a company;
         (24)(f) a trust;
         (24)(g) a limited liability company;
         (24)(h) a partnership;
         (24)(i) a political subdivision;
         (24)(j) a government office, department, division, bureau, or other body of government; and
         (24)(k) any other organization or entity. See Utah Code 68-3-12.5
  • Personal data: means information that is linked or can be reasonably linked to an identified individual or an identifiable individual. See Utah Code 63A-19-101
  • processing: means any operation or set of operations performed on personal data, including collection, recording, organization, structuring, storage, adaptation, alteration, access, retrieval, consultation, use, disclosure by transmission, transfer, dissemination, alignment, combination, restriction, erasure, or destruction. See Utah Code 63A-19-101
  • Property: includes both real and personal property. See Utah Code 68-3-12.5
  • Record: means the same as that term is defined in Section 63G-2-103. See Utah Code 63A-19-101
  • State: when applied to the different parts of the United States, includes a state, district, or territory of the United States. See Utah Code 68-3-12.5
(2) “Commission” means the Utah Privacy Commission established in Section 63C-24-102.
(3) “Cyber Center” means the Utah Cyber Center created in Section 63A-16-1102.
(4) “Data breach” means the unauthorized access, acquisition, disclosure, loss of access, or destruction of personal data held by a governmental entity, unless the governmental entity concludes, according to standards established by the Cyber Center, that there is a low probability that personal data has been compromised.
(5) “Designated governmental entity” means the same as that term is defined in Section 67-3-13.
(6) “Governing board” means the Utah Privacy Governing Board established in Section 63A-19-201.
(7) “Governmental entity” means the same as that term is defined in Section 63G-2-103.
(8) “High risk processing activities” means a governmental entity’s processing of personal data that may result in a significant compromise to an individual’s privacy interests, based on factors that include:

     (8)(a) the sensitivity of the personal data processed;
     (8)(b) the amount of personal data being processed;
     (8)(c) the individual’s ability to consent to the processing of personal data; and
     (8)(d) risks of unauthorized access or use.
(9) “Individual” means the same as that term is defined in Section 63G-2-103.
(10) “Legal guardian” means:

     (10)(a) the parent of a minor; or
     (10)(b) an individual appointed by a court to be the guardian of a minor or incapacitated person and given legal authority to make decisions regarding the person or property of the minor or incapacitated person.
(11) “Office” means the Office of Data Privacy created in Section 63A-19-301.
(12) “Ombudsperson” means the data privacy ombudsperson appointed under Section 63A-19-501.
(13) “Personal data” means information that is linked or can be reasonably linked to an identified individual or an identifiable individual.
(14) “Process” or “processing” means any operation or set of operations performed on personal data, including collection, recording, organization, structuring, storage, adaptation, alteration, access, retrieval, consultation, use, disclosure by transmission, transfer, dissemination, alignment, combination, restriction, erasure, or destruction.
(15) “Record” means the same as that term is defined in Section 63G-2-103.
(16) “Record series” means the same as that term is defined in Section 63G-2-103.
(17) “Retention schedule” means a governmental entity’s schedule for the retention or disposal of records that has been approved by the Records Management Committee pursuant to Section 63A-12-113.
(18)

     (18)(a) “Sell” means an exchange of personal data for monetary consideration by a governmental entity to a third party.
     (18)(b) “Sell” does not include a fee:

          (18)(b)(i) charged by a governmental entity for access to a record; or
          (18)(b)(ii) assessed in accordance with an approved fee schedule.
(19)

     (19)(a) “State agency” means the following entities that are under the direct supervision and control of the governor or the lieutenant governor:

          (19)(a)(i) a department;
          (19)(a)(ii) a commission;
          (19)(a)(iii) a board;
          (19)(a)(iv) a council;
          (19)(a)(v) an institution;
          (19)(a)(vi) an officer;
          (19)(a)(vii) a corporation;
          (19)(a)(viii) a fund;
          (19)(a)(ix) a division;
          (19)(a)(x) an office;
          (19)(a)(xi) a committee;
          (19)(a)(xii) an authority;
          (19)(a)(xiii) a laboratory;
          (19)(a)(xiv) a library;
          (19)(a)(xv) a bureau;
          (19)(a)(xvi) a panel;
          (19)(a)(xvii) another administrative unit of the state; or
          (19)(a)(xviii) an agent of an entity described in Subsections (19)(a)(i) through (xvii).
     (19)(b) “State agency” does not include:

          (19)(b)(i) the legislative branch;
          (19)(b)(ii) the judicial branch;
          (19)(b)(iii) an executive branch agency within the Office of the Attorney General, the state auditor, the state treasurer, or the State Board of Education; or
          (19)(b)(iv) an independent entity.
(20) “State privacy officer” means the individual described in Section 67-3-13.

  Previous section
Next section  
 Part 1 Contents