Davis introduces data breach notification act

Rep. Tom Davis (R-Va.) introduced today legislation that would require federal agencies to notify the public when they have data breaches involving sensitive information.

The bill would amend the Federal Information Security Management Act, and is a response to several recently reported data thefts, including one at the Energy Department that did not become publicly known for more than a year.

Davis' bill would direct the Office of Management and Budget to establish policies, procedures and standards for agencies to follow if sensitive personal information is lost or stolen.

"Sadly, this legislation is necessary to ensure that federal agencies are taking the proper steps to notify the public, the potential victims, and appropriate government officials that sensitive data may have been compromised," Davis said in a written statement. "We have seen too many recent examples when sensitive data has been lost or stolen and agencies have moved too slowly to acknowledge the problem and take steps to limit the potential damage."

Rep. Steve Buyer (R-Ind.), chairman of the House Veterans’ Affairs Committee, and Rep. Deborah Pryce (R-Ohio) are original co-sponsors of the bill.

Buyer has agreed to incorporate the reforms Davis suggests in legislation addressing data security at the Department of Veterans Affairs.

Featured

  • Workforce
    Avril Haines testifies SSCI Jan. 19, 2021

    Haines looks to restore IC workforce morale

    If confirmed, Avril Haines says that one of her top priorities as the Director of National Intelligence will be "institutional" issues, like renewing public trust in the intelligence community and improving workforce morale.

  • Defense
    laptop cloud concept (Andrey Suslov/Shutterstock.com)

    Telework, BYOD and DEOS

    Telework made the idea of bringing your own device a top priority as the Defense Information Systems Agency begins transitioning to a permanent version of the commercial virtual remote environment.

Stay Connected