HARRISBURG – The state Senate today approved a package of bills to improve cybersecurity in Pennsylvania and require timely notifications to citizens of government data breaches, according to Sen. Gene Yaw (R-23).
Senate Bill 482 consolidates administration and management of the Commonwealth’s information technology operations under a new Office of Information Technology.
The measure would replace the current, uncoordinated approach that led to cases of costly mismanagement, including delayed implementation of a statewide police radio system and bungled upgrades to Unemployment Compensation Call Centers. Other problems included data breaches experienced by the departments of Human Services, Corrections, and Education, which exposed the names and personal information of thousands of individuals, including citizens and state employees.
Senate Bill 726 ensures Commonwealth agencies have strong safeguards in place to discourage, combat and recover from ransomware attacks.
Ransomware is a type of malicious software designed to block access to a computer system until money is paid. Senate Bill 726 would set state penalties for the possession, use, or threatened use of ransomware and prohibit state agencies from paying ransom.
When data breaches do occur, Senate Bill 696 would require state and local governments to notify potential victims within seven days. The requirement applies to any state agency, county, school district, municipality or third-party vendor experiencing a breach.
The bills were sent to the House of Representatives for consideration.