New Ammendments to the Pennsylvania Data Breach Law.3 min read

Recently, Pennsylvania made new amendments to its data breach law. The new amendments significantly enhance the obligations of companies in the event of a data breach. Here are the key changes:

  1. Reporting Requirement: Companies must report data breaches that affect at least 500 Pennsylvania residents.
  2. Mandatory Credit Monitoring: Affected individuals must be offered 12 months of free credit monitoring and access to credit reports, especially if sensitive information (e.g., Social Security numbers, bank account details, driver’s license numbers) is involved.
  3. Expanded Definition of Breach: Under the new law, notification is required even if personal information is accessed without clear evidence of acquisition, which broadens the circumstances under which companies must inform affected individuals.
  4. Consumer Reporting Agency Notification: Businesses now need to notify consumer reporting agencies if a breach impacts at least 1,000 residents.
  5. Attorney General Notification: The Attorney General now must be notified of breaches affecting over 500 individuals, which was previously only required for larger incidents.

Overall, these amendments aim to provide better protection for consumers by ensuring they are informed and supported in cases of data breaches that affect them.

Why Your Business Needs Cyber Liability Insurance.

So given these new amendments, it’s vital that you as a business owner invest in Cyber liability coverage. It is an essential type of insurance designed to protect businesses from the financial losses associated with data breaches and other cyber-related incidents. Given the growing frequency of cyber-crimes and data breaches, securing this coverage has become increasingly important for many businesses and organizations. Here’s a breakdown of what cyber liability insurance includes:

What is Covered by Cyber Liability Insurance?

  1. First-Party Coverage:
    • Data Restoration Costs: Covers the expenses incurred to restore lost, stolen, or compromised electronic data. This may include IT forensic costs, data recovery, and system repairs.
    • Business Interruption Losses: If a cyber incident disrupts operations, this coverage helps compensate for lost income during downtime.
    • Notification Costs: Covers the costs associated with notifying affected individuals about a data breach, as required by law.
  2. Third-Party Coverage:
    • Legal Fees and Damages: Protects against claims filed by third parties, such as customers or vendors, who may sue your business for negligence if their data is compromised. This can include the costs of legal defense and any settlements or judgments.
    • Regulatory Fines: Covers fines and penalties imposed by regulatory bodies as a result of failing to comply with data protection regulations.
    • Public Relations Costs: Associated expenses for managing public relations and communication efforts after a breach to help mitigate reputational damage.
  3. Other Potential Coverages
    • Cyber Extortion: Covers losses due to ransomware attacks or other extortion-related incidents, including payments made to cybercriminals.
    • Social Engineering Fraud: Protects against financial losses resulting from deceptive tactics used by fraudsters to trick employees into transferring funds or providing sensitive information.

Conclusion

Cyber liability insurance can be a critical component of your business’s risk management strategy. It helps cover the significant costs associated with data breaches and cyber incidents—from legal fees to reputational repair efforts—allowing your business to focus on recovery and continuance rather than being overwhelmed by the financial impact of cyber risks. Given the varied options available, it is important for you to carefully evaluate your specific needs and select a policy that aligns with your risk exposure and business operations.

Call Now Button