Pennsylvania’s Data Breach Notification Law Is Changing: What Does It Mean for Entities Doing Business in the Keystone State?

Pennsylvania’s updated breach notification law has an expanded definition of “personal information.” Previously, the definition of “personal information” under Pennsylvania law only included an individual’s first name or first initial and last name in combination with a Social Security number, driver’s license number, or a state identification card number and/or financial account number (e.g., credit or debit card number) in combination with any required security code, access code, or password that would permit access to an individual’s financial account. Soon, in addition to those data elements, the law’s definition of “personal information” will include medical information, health insurance information and user name/email address in combination with a password or security question and answer that would permit access to an online account.


Share This Post:

Search Billing News

Billing News By TAG

Billing News By DATE