Pennsylvania Becomes 22nd State to Enact a Data Breach Disclosure Law
Posted by Bruce Johnson
Pennsylvania has recently enacted a data breach disclosure law (S.B. 712, available here), another statute modeled on the original 2002 California law. Pennsylvania's law, which was signed by Governor Rendell on December 22, 2005, makes it the 22nd state to enact such legislation.
The "Breach of Personal Information Notification Act" applies to all state agencies and individuals or businesses "doing business" in the state that "maintain[], store[], or manage[] computerized data that includes personal information."
Such "personal information" includes individuals' names coupled with unencrypted information that identifies their (1) Social Security number; (2) Driver's license number or State identification card; and (3) financial account information. The statute mandates the form of notice in the event of any "unauthorized access and acquisition of computerized data" that materially compromises the security or confidentiality of such "personal information." The new law becomes effective on June 30, 2006.
I purchased gun in PA as a green card holder. My immigration status became public knowledge because an employee of the gun store openly talked about it in public. Is that a violation of my privacy rights?
At another gunstore, a receipt of my mortgage was presented and left there because of the requirement for green card holders to present supplemental verification of their address. If that information becomes public knowledge through the actions of the employees of that dealer, will it be considered a breach of my privacy rights ?
How do I go about seeking legal redress?