Senators introduce guidelines bill for data security breaches

Sen. Pat Toomey (R-Pa.) introduced a bill on behalf of himself and four other Republican senators setting national standards for how companies inform individuals of a breach of security related to personal information.

Toomey, alongside Sens. Olympia Snowe (Maine), Jim DeMint (S.C.), Roy BluntRoy BluntSenators hope for deal soon on mental health bill Cruz: VA secretary 'should resign' Overnight Defense: VA chief 'deeply' regrets Disney remark; Senate fight brews over Gitmo MORE (Mo.) and Dean HellerDean HellerLake Mead hits record low water level Tough choice for vulnerable GOP senators: Embrace or reject Trump Press: Forget about GOP unity in 2016 MORE (Nev.), introduced the Data Security and Breach Notification Act of 2012 (S.3333) on Thursday.

ADVERTISEMENT
The act directs corporations, trusts, cooperatives and similar entities that retain personal information to inform the owners of that information of a breach as quickly as possible. The breached entities have to inform the owners of the breached information on the date it was accessed, the information that was stolen and how to contact the breached entity for more information. The notification can be by telephone, email or on paper.

The personal information cited by the legislation includes Social Security numbers, driver's license numbers, financial account numbers, credit or debit card numbers and related security codes. Failure to follow the notification standard under the act goes results in a fine as high as $500,000.

Some Republicans in Congress have expressed support for something like the Data Security Act because they prefer a singular, national standard rather than differing state laws. 

Read the bill below:

S 3333 Data Security - Bill Text

More in National Security

Senate panel advances spy policy bill, after House approves its own version

Read more »