On June 28, 2024, Pennsylvania enacted amendments to its Breach of Personal Information Notification Act (“BPINA”). These amendments contain a number of significant changes, including clarifying a key definition, adding a new notification obligation to the Attorney General, requiring organizations to provide credit monitoring services, and reducing the threshold to notify consumer reporting agencies. These amendments—which take effect today, September 26, 2024—bring Pennsylvania in line with many other states that have taken steps to strengthen their respective data breach notification laws.
Latest Post
More Posts
In Law360, Matthew Cin Discusses the Implications of Illinois’s Biometric Information Privacy Act Reform
The Data Day: Recent Developments in AI Governance and State Privacy Laws
Five State Privacy Laws in Five Months
R&G Tech Studio Presents: Managing Principal and Global Head of Advanced E-Discovery and A.I. Strategy Shannon Capone Kirk
Change Healthcare Cyberattack: HHS OCR Publishes Early Guidance on Breach and UnitedHealth Group Provides Critical Status Update
U.S. Enacts Sweeping Legislation to Restrict Flows of Sensitive Data to the People’s Republic of China and Other Foreign Adversaries
NIST Publishes Long-Awaited Cybersecurity Framework 2.0
New Executive Order Would Restrict Transfer of Certain Bulk Sensitive Personal Data and United States Government-Related Data to China and Other Countries of Concern
DoorDash and California Attorney General Reach Settlement Over Privacy Allegations
Subscribe: Subscribe via RSS
Blogs
Firm/Org