Davis introduces data breach notification act

Rep. Tom Davis (R-Va.) introduced today legislation that would require federal agencies to notify the public when they have data breaches involving sensitive information.

The bill would amend the Federal Information Security Management Act, and is a response to several recently reported data thefts, including one at the Energy Department that did not become publicly known for more than a year.

Davis' bill would direct the Office of Management and Budget to establish policies, procedures and standards for agencies to follow if sensitive personal information is lost or stolen.

"Sadly, this legislation is necessary to ensure that federal agencies are taking the proper steps to notify the public, the potential victims, and appropriate government officials that sensitive data may have been compromised," Davis said in a written statement. "We have seen too many recent examples when sensitive data has been lost or stolen and agencies have moved too slowly to acknowledge the problem and take steps to limit the potential damage."

Rep. Steve Buyer (R-Ind.), chairman of the House Veterans’ Affairs Committee, and Rep. Deborah Pryce (R-Ohio) are original co-sponsors of the bill.

Buyer has agreed to incorporate the reforms Davis suggests in legislation addressing data security at the Department of Veterans Affairs.

Featured

  • Defense
    concept image of radio communication (DARPA)

    What to look for in DOD's coming spectrum strategy

    Interoperability, integration and JADC2 are likely to figure into an updated electromagnetic spectrum strategy expected soon from the Department of Defense.

  • FCW Perspectives
    data funnel (anttoniart/Shutterstock.com)

    Real-world data management

    The pandemic has put new demands on data teams, but old obstacles are still hindering agency efforts.

Stay Connected