Legislation Quick Search
02/29/2024 07:51 AM
Pennsylvania House of Representatives
Home / House Co-Sponsorship Memoranda

House Co-Sponsorship Memoranda

Subscribe to PaLegis Notifications

Subscribe to receive notifications of new Co-Sponsorship Memos circulated

By Member | By Date | Keyword Search

House of Representatives
Session of 2017 - 2018 Regular Session


Posted: October 10, 2017 09:24 AM
From: Representative Brian L. Ellis
To: All House members
Subject: Amending Breach of Personal Information Notification Act – Data Breaches
I am preparing to introduce legislation that will amend the Breach of Personal Information Notification Act (BPINA). My bill is part of a package with Rep. Driscoll who is amending the Credit Reporting Agency Act. This legislation package will add further protections to assist our constituents when there is a data breach

More than 5.4 million Pennsylvanians had their personal information compromised during the Equifax data breach. But Equifax isn’t the only company to have a breach that had affected our constituents, so it is time to place safeguards to protect and help consumers if another breach occurs.

Specifically, my bill will require notification of a breach from the entity where the breach occurred to the affected consumer. The notification would include the date the breach occurred, the type of information subject to the breach, a toll-free number and the address of credit reporting agencies. This notice would have to be made available within 30 days of the breach of the system. Additionally, an entity with a breach would have to notify the state attorney general’s office. The entities must also develop policies to safeguard and discard personal consumer information.

In addition, if a state agency, under the Governor’s jurisdiction, has a breach they must report the breach to the Governor’s Office of Administration as soon as possible. If a county, municipality or school district has a breach, they must report the breach to their county district attorney without a delay.

Finally, under my legislation, the entities must also develop policies to safeguard and discard personal information.

I hope that you will join me by cosponsoring this legislation.

Introduced as HB1846