Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of approximately 72,000 residents collected for the Department of Health’s (DoH) contact tracing program.

According to the (DoH), employees of the vendor created documents containing personal information online and did not secure them properly, allowing the information to be accessible. It is unknown whether any of the personal information was viewed by an unauthorized individual.

Following the incident, several state lawmakers started working on data privacy and security legislation to address the concerns of disclosing personal information to vendors.