Senators introduce guidelines bill for data security breaches

Sen. Pat Toomey (R-Pa.) introduced a bill on behalf of himself and four other Republican senators setting national standards for how companies inform individuals of a breach of security related to personal information.

Toomey, alongside Sens. Olympia Snowe (Maine), Jim DeMint (S.C.), Roy BluntRoy BluntOvernight Healthcare: Medicare fight looms on Capitol Hill Senate GOP hardening stance against emergency funding for Zika Senate Dems accuse GOP of walking away from Zika deal MORE (Mo.) and Dean HellerDean HellerCarter pledges probe of sex assault testimony Democrats block energy spending bill over Iran amendment Senate votes to increase wind energy funding MORE (Nev.), introduced the Data Security and Breach Notification Act of 2012 (S.3333) on Thursday.

ADVERTISEMENT
The act directs corporations, trusts, cooperatives and similar entities that retain personal information to inform the owners of that information of a breach as quickly as possible. The breached entities have to inform the owners of the breached information on the date it was accessed, the information that was stolen and how to contact the breached entity for more information. The notification can be by telephone, email or on paper.

The personal information cited by the legislation includes Social Security numbers, driver's license numbers, financial account numbers, credit or debit card numbers and related security codes. Failure to follow the notification standard under the act goes results in a fine as high as $500,000.

Some Republicans in Congress have expressed support for something like the Data Security Act because they prefer a singular, national standard rather than differing state laws. 

Read the bill below:

S 3333 Data Security - Bill Text

More in Senate

Rubio, Kirk introduce bill to block Iran's access to US money

Read more »