Oct. 16, 2017
Legislation would help Pennsylvanians in the event of data breaches
HARRISBURG – A bipartisan pair of bills to help Pennsylvania consumers affected by data breaches has advanced out of the House Commerce Committee to the full House of Representatives. The bills are sponsored by Commerce Committee Chairman Brian Ellis (R-Butler) and Rep. Mike Driscoll (D-Philadelphia).
“It is my hope that future massive data breaches do not occur, but if they do, the safeguards in these pieces of bipartisan legislation will help protect and assist consumers after a breach happens,” Ellis said.
“I believe our bipartisan cooperation bodes well for passing this legislation and making real progress on this issue that affects millions of Pennsylvanians,” Driscoll said. “I am pleased to work with Chairman Ellis and Attorney General Josh Shapiro to move forward on this.”
Ellis’
House Bill 1846 amends the Breach of Personal Information Act to further define “breach of security of the system” and “personal information” for clarification. The bill requires notice to residents of the Commonwealth when there is a breach of security of the system. The notice must be in plain language, and include the date of the breach, the type of information subject to the breach, and toll-free numbers to credit reporting agencies. This notice must be made within 45 days of learning of a breach.
In addition, the breach must be reported to the Bureau of Consumer Protection in the Office of the Attorney General. If a state agency is the subject of a breach, the agency must provide notice of the breach to residents of the Commonwealth without unreasonable delay. An agency under the governor’s jurisdiction shall provide notice of the breach to the governor’s Office of Administration. If a county, school district or municipality is the subject of a breach, it must provide notice of the breach to residents without unreasonable delay as well. A county, school district, or municipality shall report its breach to the county district attorney in which the breach occurred. Any violation of the bill’s provisions will be an unfair method of competition in violation of the Unfair Trade Practices and Consumer Protection Law, and the Office of Attorney General has the right to bring action for a violation of the act.
Driscoll’s House Bill 1847 would waive the current credit freeze fee, which charges up to $10 per account. In the instance of a data breach, consumers would be provided with three months of free credit monitoring and up to three free credit reports for one calendar year after the date the breach is reported. None of these would apply to a credit reporting agency that has not experienced a breach.
Ellis said the bills are expected to receive a vote in the House as early as Oct. 23.
For more information about this legislation, or any other state-related issue, contact Ellis’ district office in Lyndora located at 6 Chesapeake St., Suite 200, by calling 724-283-5852. Information can also be found online at
RepEllis.com, or
Facebook.com/RepEllis.
Representative Brian Ellis
11th District
Pennsylvania House of Representatives
Media Contact: Krisinda Corbin
717.705.2032
kcorbin@pahousegop.com
RepEllis.com /
Facebook.com/RepEllis