3 Data Breach Bills Pass Senate Committee

A bill that includes several cyber security proposals proposed this year by the Obama administration was approved by a Senate committee today. The Personal Data Privacy and Security Act of 2011, S. 1151, introduced by Sen. Patrick Leahy, D-Vt., would establish a national standard for data breach notification.

The bill could have far-reaching effects among insurers and stakeholders alike. The bill calls for a proactive approach to data management, requiring organizations that collect and store consumers' sensitive personal information to establish and implement specific data privacy and security programs to obviate the occurrence of breaches.

Sen. Leahy said in a statement that the penalties for individuals or organizations willfully hiding breaches when they occur will be harsh, and will be met with criminal action.

The Senate move today represents the fourth time in the past four congressional sessions that the committee has approved such legislation.

The committee also approved the Personal Data Protection and Breach Accountability Act of 2011, S. 1535, a bill introduced by Sen. Richard Blumenthal, D-Conn. According to Sen. Blumenthal, this particular bill would create a process to help organizations establish appropriate minimum security standards to safeguard sensitive consumer information, and require companies to notify individuals promptly after a data breach has occurred, among other things.

Finally, the Data Breach Notification Act of 2011, S. 1408, which was sponsored by Sen. Dianne Feinstein, D-Calif., passed committee today. It promulgated, the bill would require federal agencies and those engaged in interstate commerce to disclose the breach of sensitive personally identifiable information.

For reprint and licensing requests for this article, click here.
Security risk Analytics Core systems Data and information management Compliance
MORE FROM DIGITAL INSURANCE