Utah passed Senate Bill 193 exempting “financial institutions” from the requirements of the Protection of Personal Information Act (Act). The Act imposes disclosure and notification requirements in the event of a breach of security. Under the bill, financial institutions (as defined in the Gramm-Leach-Bliley Act) are no longer required to comply with the requirements of the Act in the event of a breach of security. The bill becomes effective May 14, 2019.
See Utah State Legislature website for the full text of the Statute: https://le.utah.gov/~2019/bills/sbillenr/SB0193.pdf
