Test Drive Our New Site! We have some improvements in the works that we're excited for you to experience. Click here to try our new, faster, mobile friendly beta site. We will be maintaining our current version of the site thru the end of 2024, so you can switch back as our improvements continue.
Legislation Quick Search
11/06/2024 03:49 AM
Pennsylvania House of Representatives
https://www.legis.state.pa.us/cfdocs/Legis/CSM/showMemoPublic.cfm?chamber=H&SPick=20170&cosponId=24691
Share:
Home / House Co-Sponsorship Memoranda

House Co-Sponsorship Memoranda

Subscribe to PaLegis Notifications
NEW!

Subscribe to receive notifications of new Co-Sponsorship Memos circulated

By Member | By Date | Keyword Search


House of Representatives
Session of 2017 - 2018 Regular Session

MEMORANDUM

Posted: October 10, 2017 09:24 AM
From: Representative Brian L. Ellis
To: All House members
Subject: Amending Breach of Personal Information Notification Act – Data Breaches
 
I am preparing to introduce legislation that will amend the Breach of Personal Information Notification Act (BPINA). My bill is part of a package with Rep. Driscoll who is amending the Credit Reporting Agency Act. This legislation package will add further protections to assist our constituents when there is a data breach

More than 5.4 million Pennsylvanians had their personal information compromised during the Equifax data breach. But Equifax isn’t the only company to have a breach that had affected our constituents, so it is time to place safeguards to protect and help consumers if another breach occurs.

Specifically, my bill will require notification of a breach from the entity where the breach occurred to the affected consumer. The notification would include the date the breach occurred, the type of information subject to the breach, a toll-free number and the address of credit reporting agencies. This notice would have to be made available within 30 days of the breach of the system. Additionally, an entity with a breach would have to notify the state attorney general’s office. The entities must also develop policies to safeguard and discard personal consumer information.

In addition, if a state agency, under the Governor’s jurisdiction, has a breach they must report the breach to the Governor’s Office of Administration as soon as possible. If a county, municipality or school district has a breach, they must report the breach to their county district attorney without a delay.

Finally, under my legislation, the entities must also develop policies to safeguard and discard personal information.

I hope that you will join me by cosponsoring this legislation.




Introduced as HB1846


Memo Updated: October 10, 2017 09:36 AM