Legislation Quick Search
04/08/2020 10:20 PM
Pennsylvania State Senate
https://www.legis.state.pa.us/cfdocs/Legis/CSM/showMemoPublic.cfm?chamber=S&SPick=20190&cosponId=27008
Share:
Home / Senate Co-Sponsorship Memoranda

Senate Co-Sponsorship Memoranda

By Member | By Date | Keyword Search


Senate of Pennsylvania
Session of 2019 - 2020 Regular Session

MEMORANDUM

Posted: December 12, 2018 06:18 PM
From: Senator Kristin Phillips-Hill
To: All Senate members
Subject: Amending the Breach of Personal Information Act
 
In the near future I plan to re-introduce HB 1548 of last session to amend P.L. 474, No.94 known as the Breach of Personal Information Act. Passed in 2005, the Act provides for the notification of residents whose personal identifiable information was or may have been disclosed due to a security system breach.

The purpose of our amendment is to strengthen the provisions of the current Act by:
  • Updating the definition of personally identifiable information
  • Revising requirements for state agencies, the Judiciary and the Legislature to notify affected individuals and supervisory and law enforcement officials in the event of a breach of personally identifiable information
  • Adding protections and remedies for residents of the Commonwealth in the event of a data breach
  • Assigning responsibilities for developing policies to reduce the risk of future data breaches

    The definition of personally identifiable information is updated to include health and medical information, educational records, religious information, biometric markers, data that would permit access to an on-line account, and certain socioeconomic data.

    Additionally, if a State agency or political subdivision of the Commonwealth is subject to a breach of the security of the system, the amendment provides for faster notifications to the heads of the entities and senior law enforcement officials.

    The amendment specifies that notice be delivered in a clear and easy to follow format. The notice will contain specific provisions helpful to those potentially affected by the breach, including what steps are being taken to protect the individuals whose personal information is the subject of the breach; advice on what steps the individual may take on their own; contact information for major credit reporting agencies; and an offer by the state entity responsible for the database’s security to provide 12 months free credit reporting, credit protection and identity theft protection.

    Please join me in strengthening our notification procedures in the event of a breach of databases containing our personal information by co-sponsoring this legislation.



Introduced as SB308