Senate Committee Passes Data Breach Laws
The U.S. Senate Judiciary Committee passes two bills that establish federal guidelines for data breach notifications.Two sweeping bills that would set new standards for data breach notifications made their way out of the Senate Judiciary Committee Nov. 5. The committee voted yes on the Personal Data Privacy and Security Act of 2009 (S.1490) and the Data Breach Notification Act (S.139). The vote means the bills are now headed to the full Senate for its stamp of approval.
The Personal Data Privacy and Security Act of 2009 establishes guidelines for performing risk assessments and vulnerability testing and controlling and logging access to sensitive information. There are also provisions tied to protecting data in transit and at rest, and a set of rules for notifying law enforcement, credit reporting agencies and individuals affected by a breach.