Davis introduces data breach notification act

Rep. Tom Davis (R-Va.) introduced today legislation that would require federal agencies to notify the public when they have data breaches involving sensitive information.

The bill would amend the Federal Information Security Management Act, and is a response to several recently reported data thefts, including one at the Energy Department that did not become publicly known for more than a year.

Davis' bill would direct the Office of Management and Budget to establish policies, procedures and standards for agencies to follow if sensitive personal information is lost or stolen.

"Sadly, this legislation is necessary to ensure that federal agencies are taking the proper steps to notify the public, the potential victims, and appropriate government officials that sensitive data may have been compromised," Davis said in a written statement. "We have seen too many recent examples when sensitive data has been lost or stolen and agencies have moved too slowly to acknowledge the problem and take steps to limit the potential damage."

Rep. Steve Buyer (R-Ind.), chairman of the House Veterans’ Affairs Committee, and Rep. Deborah Pryce (R-Ohio) are original co-sponsors of the bill.

Buyer has agreed to incorporate the reforms Davis suggests in legislation addressing data security at the Department of Veterans Affairs.

Featured

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    The obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

  • Federal 100 Awards
    Federal 100 logo

    Fed 100 nominations are now open

    Help us identify this year's outstanding individuals in federal IT.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.