Daniel Walmer reports on a bill proposed in the Pennsylvania legislature:
House Bill 1010, introduced by Solomon, would change that. Under the bill, victims of data breaches could sue for $5,000 per violation or more if their actual losses were more than $5,000. The attorney general’s office can also seek civil penalties up to $10,000.
The bill would also require organizations to take “reasonable measures” to secure personal identification information. If they suffer a data breach, they would be required to notify affected customers “without unreasonable delay.” A delay of up to three days is permitted only if requested by law enforcement.
“Our personal information is at risk. Countless incidents over the past few years have laid this fact bare,” Solomon wrote in a co-sponsorship memo. “We need to do more to defend Pennsylvanians’ private, personal information from falling into the wrong hands.”
The personal information protected by House Bill 1010 would include Social Security numbers, driver’s license numbers, financial account and credit card numbers, and medical information.
Read more on The Sentinel. This is one of the stronger bills that I’ve seen proposed and you may want to read all of its language.