Senators introduce guidelines bill for data security breaches

Sen. Pat Toomey (R-Pa.) introduced a bill on behalf of himself and four other Republican senators setting national standards for how companies inform individuals of a breach of security related to personal information.

Toomey, alongside Sens. Olympia Snowe (Maine), Jim DeMint (S.C.), Roy Blunt (Mo.) and Dean Heller (Nev.), introduced the Data Security and Breach Notification Act of 2012 (S.3333) on Thursday.

ADVERTISEMENT
The act directs corporations, trusts, cooperatives and similar entities that retain personal information to inform the owners of that information of a breach as quickly as possible. The breached entities have to inform the owners of the breached information on the date it was accessed, the information that was stolen and how to contact the breached entity for more information. The notification can be by telephone, email or on paper.

The personal information cited by the legislation includes Social Security numbers, driver's license numbers, financial account numbers, credit or debit card numbers and related security codes. Failure to follow the notification standard under the act goes results in a fine as high as $500,000.

Some Republicans in Congress have expressed support for something like the Data Security Act because they prefer a singular, national standard rather than differing state laws. 

Read the bill below:

S 3333 Data Security - Bill Text

More in Senate

Senate passes bill to secure federal data

Read more »