Efforts underway at the highest levels of government to address the surging number of data breaches have yielded another stab at a data breach bill. This time, it’s originating from two Senate Democrats. If their bill gets the go-ahead, it could enact baseline requirements on enterprises to tighten up their security measures, while also laying down the law on notifications.
It’s the latest move by government officials and lawmakers to rein in what some see as lax oversight by businesses who handle vast amounts of consumer data. It will also serve to create a level of federal regulations on data breaches that would shore up the uneven patchwork of similar laws at the state level. eSecurity Planet takes a look.
Two prominent Senate Democrats have offered a bill that would require businesses and nonprofit groups to meet baseline standards for safeguarding consumers’ personal information, and to act quickly to provide notification in the event of a breach.
The Data Security and Breach Notification Act, introduced by Sens. Mark Pryor (D-Ark.) and John Rockefeller (D-W.V.), would mandate firms that engage in the collection and storage of personal information to implement “reasonable security policies and procedures” to prevent leaks or breaches.