|Posted:||December 1, 2020 10:14 AM|
|From:||Senator Kristin Phillips-Hill|
|To:||All Senate members|
|Subject:||Amending the Breach of Personal Information Act|
|In the near future I plan to re-introduce SB 308 of last session to amend P.L. 474, No.94 known as the Breach of Personal Information Act. Passed in 2005, the Act provides for the notification of residents whose personal identifiable information was or may have been disclosed due to a security system breach.
The purpose of our amendment is to strengthen the provisions of the current Act by:
The definition of personally identifiable information is updated to include health and medical information, educational records, religious information, biometric markers, data that would permit access to an on-line account, and certain socioeconomic data.
Additionally, if a State agency or political subdivision of the Commonwealth is subject to a breach of the security of the system, the amendment provides for faster notifications to the heads of the entities and senior law enforcement officials.
The amendment specifies that notice be delivered in a clear and easy to follow format. The notice will contain specific provisions helpful to those potentially affected by the breach, including what steps are being taken to protect the individuals whose personal information is the subject of the breach; advice on what steps the individual may take on their own; contact information for major credit reporting agencies; and an offer by the state entity responsible for the database’s security to provide 12 months free credit reporting, credit protection and identity theft protection.
Please join me in strengthening our notification procedures in the event of a breach of databases containing our personal information by co-sponsoring this legislation.
Previous cosponsors of this legislation were Senators Laughlin, Mensch, K. Ward, and J. Ward.
Introduced as SB608