|
For Immediate
Release
9/21/11
Listen
Senator Pileggi: Senate Approves Bill
Requiring Prompt Notification of Personal Data Breaches
HARRISBURG – State and local government agencies will be required to notify
the public of data breaches involving personal information within one week under
legislation introduced by Senate Majority Leader Dominic Pileggi (R-9) and
unanimously approved by the Senate today.
Senator Pileggi's legislation,
Senate Bill 162, was drafted after reports of three separate thefts of
state-owned computers containing personal information. Although those computers
included at least 17,800 Social Security numbers and other personal information
of approximately 400,000 state residents, the state agencies involved did not
notify the public until two or three weeks after the incidents.
"There's no good reason for a government agency to wait for two or three
weeks after a data breach to let the public know," Senator Pileggi said. "We
have an obligation to let potentially affected residents know as soon as
possible when personal information is stolen so they can take steps to protect
themselves from identity theft."
SB 162 will also require the Attorney General to investigate every breach
involving state agencies; breaches involving local governments would be
investigated by the county District Attorney. "Requiring those investigations is
important," Senator Pileggi said. "If an agency suffers a data breach, it is
critical to learn exactly how it happened to help prevent other breaches in the
future."
The legislation will also allow courts to require individuals who are
determined to be responsible for a data breach to pay the cost of the
investigation and the cost of repairing or restoring the system.
More information about state issues is available at Senator Pileggi's web
site,
www.SenatorPileggi.com, on Facebook at
www.facebook.com/SenatorPileggi, or on Twitter at
twitter.com/SenatorPileggi.
Contact:
Erik Arneson
(717) 787-4712
|
