Pennsylvania AG Launches Website for Reporting Data Breaches as Required by Law
Pennsylvania Attorney General Michelle Henry announced the launch of an online portal for companies and other entities reporting data breaches.
The site is for reporting breaches impacting more than 500 Pennsylvania residents — which is required under Pennsylvania law beginning September 26.
Credit reporting companies, or other entities that hold onto personal data, must report data breaches to the attorney general, under the state’s Breach of Personal Information Notification Act (BPINA).
“This new requirement in the law will offer Pennsylvanians more protections and prompt notifications when sensitive information, such as account numbers and personal data, is compromised,” Henry said. “We have launched this portal to make the process easier and more efficient for businesses who are required to make these notifications.”
On June 28, Governor Josh Shapiro approved amendments to the BPINA when a data breach affects more than 500 Pennsylvanians. Companies must also provide impacted individuals with 12 months of credit monitoring and access to a credit report, if the breach involves the person’s name and Social Security number, bank account number, or driver’s license or state ID number.
The new portal can be accessed via the attorney general’s website.
Source: Pennsylvania Attorney General