Congress Has New Data Security Bill Moving. 5 Highlights.

Bipartisanship Lives. Last week a new data security bill was unvieled to create standardized requirements for data breach and security issues. 

Co-sponsors of the bill:

  • Representative Marsha Blackburn (R-TN)
  • Representative Peter Welch (D-VT)
  • Both are members of the House Subcommittee on Commerce, Manufacturing, and Trade, and Blackburn also serves as Vice Chairman of the Energy and Commerce Committee.

The Bill is Titled: “Data Security and Breach Notification Act of 2015. 

What the bill does:

  • Companies would be required to use “reasonable security measures” to protect an individual’s personal information. 
  • Companies would be required “to notify affected individuals as “expeditiously as possible” but no later than 30-days after the company has taken the “necessary measures to determine the scope of the breach and restore reasonable integrity, security, and confidentiality of the data system,” unless the delay is attributed to law enforcement or national security reasons.  ” 
  • No individual notice obligation if there was no reasonable risk that the breach of security resulted in, or would result in, identity theft, economic loss or harm, or financial fraud.
  • Effectively preempt the current patchwork of state statutes governing data breach notification and data security.  
  • Enforcement:
    • A violation of this legislation would constitute an unfair and deceptive act or practice
    • Federal Trade Commission or state attorneys general would have authority to enforce.  
    • civil penalties for violations of the data security and breach notification requirements.  

National Law Review

image



Thank you for subscribing to our newsletter.
Great things are just around the corner!