Data breaches have become a significant problem nationwide and can cost consumers and businesses alike substantial amounts of money when they occur. As a result, more government bodies are moving toward trying to increase consumer protections, and the latest to do so is the state of Pennsylvania. Read more
A bill that was recently approved unanimously by the Pennsylvania State Senate would require the state’s various agencies to notify people affected by data breaches within a week of having been reported, according to a report from the PA Independent. That is a change from the current requirement, which uses the more ambiguous language that they be notified “as soon as possible.”
It would be great if this became a requirement for all entities and companies across the county, not just state agencies in Pennsylvania.
Sometimes breaches are not reported until months after they have occurred. For example, this data breach was reported over 60 days after it occurred
. This massive breach of 3.6 million Social Security numbers
at a state agency in SC was reported 6 weeks after the fact.