Posted: | March 27, 2019 09:16 AM |
---|---|
From: | Representative Jonathan Fritz |
To: | All House members |
Subject: | Amending Breach of Personal Information Notification Act – Data Breaches |
I am preparing to introduce legislation that will amend the Breach of Personal Information Notification Act (BPINA). This legislation will add further protections to help safeguard our constituents when there is a data breach. More than 5.4 million Pennsylvanians had their personal information compromised during Equifax's 2017 data breach. But Equifax isn’t the only company to have had a breach that affected our constituents. This story occurs almost daily across the commonwealth and country. Specifically, my bill will require notification of a breach from the entity where the breach occurred to the affected consumer. The notification would include the date the breach occurred, the type of information subject to the breach, a toll-free number and the address of credit reporting agencies. This notice would have to be made available within 30 days of the breach of the system. Additionally, an entity with a breach would have to notify the state attorney general’s office. The entities must also develop policies to safeguard and discard personal consumer information. In addition, if a state agency, under the Governor’s jurisdiction, has a breach they must report the breach to the Governor’s Office of Administration as soon as possible. If a county, municipality or school district has a breach, they must report the breach to their county district attorney without a delay. I hope that you will join me by cosponsoring this legislation. |
Introduced as HB1181