Pennsylvania
Quick Facts
Breach Based on Harm Threshold: YES
Deadline for Consumer Notice: Without unreasonable delay
Government Notification Required: NO
2005 Pa. Laws 474 (unofficially consolidated in 73 P.S. §§ 2301–2329 (West 2019))
More Details
Scope of this Summary
Covered Info
Form of Covered Info
Encryption Safe Harbor
Breach Defined
Consumer Notice
Timing: Must be made without unreasonable delay taking any necessary measures to determine the scope of the breach and to reasonably restore the integrity of the system.
Content: If notice is given by telephone, it must be clear and conspicuous, describe the incident in general terms, verify the resident's covered info but does not require the resident to provide the covered info to the entity, and provides a telephone number or Internet website to visit for further information or assistance.
Method: By written notice (to the last known home address), by telephone notice (if the consumer can be reasonably expected to receive it), or by email notice (if a prior business relationship exists and the entity has a valid email address). Substitute notice is available if certain criteria are satisfied.
Delayed Notice
Harm Threshold
Consumer Reporting Agency Notice
Third-Party Notice
Potential Penalties
This summary is for informational purposes only. It provides general information and not legal advice or opinions regarding specific facts. Additional requirements or conditions may apply to any or all provisions referenced herein. For more information about the state data breach notification laws or other data security matters, please seek the advice of counsel.
Last revised on July 28, 2019