S.1202 - Personal Data Protection Act of 2007

A bill to require agencies and persons in possession of computerized data containing sensitive personal information, to disclose security breaches where such breach poses a significant risk of identity theft. view all titles (2)

All Bill Titles

  • Official: A bill to require agencies and persons in possession of computerized data containing sensitive personal information, to disclose security breaches where such breach poses a significant risk of identity theft. as introduced.
  • Short: Personal Data Protection Act of 2007 as introduced.

This Bill currently has no wiki content. If you would like to create a wiki entry for this bill, please Login, and then select the wiki tab to create it.

Bill’s Views

  • Today: 1
  • Past Seven Days: 1
  • All-Time: 2,645
 
Introduced
 
Senate
Passes
 
House
Passes
 
President
Signs
 

 
04/24/07
 
 
 
 
 
 
 

Official Summary

Personal Data Protection Act of 2007 - Defines \"identity theft\" to mean a fraud committed using the sensitive personal information of another individual with the intent to commit or to aid or abet unlawful activity that results in economic loss to that individual.Requires any agency or pe

Official Summary

Personal Data Protection Act of 2007 - Defines \"identity theft\" to mean a fraud committed using the sensitive personal information of another individual with the intent to commit or to aid or abet unlawful activity that results in economic loss to that individual.Requires any agency or person that owns or licenses computerized data containing sensitive personal information to:
(1) develop, implement, and maintain reasonable security and notification procedures and practices (appropriate to the size and nature of the agency or person and the nature of the information) to ensure the security and confidentiality of the personal information and to protect sensitive personal information against unauthorized access, destruction, use, modification, or disclosure; and
(2) notify any individual whose sensitive personal information was compromised (permits a federal law enforcement agency of domestic or foreign jurisdiction to delay notification if notification would impede a criminal or civil investigation).Requires any agency or person in possession of computerized data containing sensitive personal information that it does not own or license to notify and cooperate with the owner or licensor upon discovery of a breach of the security of the system of such agency or person as expediently as possible. Authorizes an agency or person in possession of sensitive personal information to enter into an agreement with the owner or licensor of information regarding which person or entity will provide any notice required to an individual whose sensitive personal information was compromised. Requires the agency or person that owns or licenses computerized data containing sensitive personal information to provide any notice required if there is not such an agreement. Sets forth provisions regarding the timeliness of notification, the methods and contents of notice, and the duty to coordinate with consumer reporting agencies.Establishes civil remedies for failure to provide notice of a security breach. Authorizes enforcement by state Attorneys General on behalf of residents of the state.

...Read the Rest




Vote on This Bill

-% Users Support Bill

0 in favor / 0 opposed
 

Send Your Senator a Letter

about this bill Support Oppose Tracking
Track with MyOC