Legislation Quick Search
06/13/2021 10:08 PM
Pennsylvania State Senate
Home / Senate Co-Sponsorship Memoranda

Senate Co-Sponsorship Memoranda

Subscribe to PaLegis Notifications

Subscribe to receive notifications of new Co-Sponsorship Memos circulated

By Member | By Date | Keyword Search

Senate of Pennsylvania
Session of 2021 - 2022 Regular Session


Posted: December 1, 2020 10:14 AM
From: Senator Kristin Phillips-Hill
To: All Senate members
Subject: Amending the Breach of Personal Information Act
In the near future I plan to re-introduce SB 308 of last session to amend P.L. 474, No.94 known as the Breach of Personal Information Act. Passed in 2005, the Act provides for the notification of residents whose personal identifiable information was or may have been disclosed due to a security system breach.

The purpose of our amendment is to strengthen the provisions of the current Act by:
  • Updating the definition of personally identifiable information
  • Revising requirements for state agencies, the Judiciary and the Legislature to notify affected individuals and supervisory and law enforcement officials in the event of a breach of personally identifiable information
  • Adding protections and remedies for residents of the Commonwealth in the event of a data breach
  • Assigning responsibilities for developing policies to reduce the risk of future data breaches
The definition of personally identifiable information is updated to include health and medical information, educational records, religious information, biometric markers, data that would permit access to an on-line account, and certain socioeconomic data.

Additionally, if a State agency or political subdivision of the Commonwealth is subject to a breach of the security of the system, the amendment provides for faster notifications to the heads of the entities and senior law enforcement officials.

The amendment specifies that notice be delivered in a clear and easy to follow format. The notice will contain specific provisions helpful to those potentially affected by the breach, including what steps are being taken to protect the individuals whose personal information is the subject of the breach; advice on what steps the individual may take on their own; contact information for major credit reporting agencies; and an offer by the state entity responsible for the database’s security to provide 12 months free credit reporting, credit protection and identity theft protection.

Please join me in strengthening our notification procedures in the event of a breach of databases containing our personal information by co-sponsoring this legislation.
Previous cosponsors of this legislation were Senators Laughlin, Mensch, K. Ward, and J. Ward.

Introduced as SB608