S.1207 - Data Security and Breach Notification Act of 2011

A bill to protect consumers by requiring reasonable security policies and procedures to protect data containing personal information, and to provide for nationwide notice in the event of a security breach. view all titles (2)

All Bill Titles

  • Official: A bill to protect consumers by requiring reasonable security policies and procedures to protect data containing personal information, and to provide for nationwide notice in the event of a security breach. as introduced.
  • Short: Data Security and Breach Notification Act of 2011 as introduced.

This Bill currently has no wiki content. If you would like to create a wiki entry for this bill, please Login, and then select the wiki tab to create it.

Bill’s Views

  • Today: 2
  • Past Seven Days: 3
  • All-Time: 3,834
 
Introduced
 
Senate
Passes
 
House
Passes
 
President
Signs
 

 
06/15/11
 
 
 
 
 
 
 

Official Summary

Data Security and Breach Notification Act of 2011 - Requires the Federal Trade Commission (FTC) to promulgate regulations requiring each covered entity (proprietorships, partnerships, estates, trusts, cooperatives, and nonprofit and for-profit corporations) that owns or possesses data conta

Official Summary

Data Security and Breach Notification Act of 2011 - Requires the Federal Trade Commission (FTC) to promulgate regulations requiring each covered entity (proprietorships, partnerships, estates, trusts, cooperatives, and nonprofit and for-profit corporations) that owns or possesses data containing personal information to implement policies and procedures regarding information security practices for the treatment and protection of such information. Sets forth additional requirements for information brokers, including requiring brokers to:
(1) submit their security policies to the FTC with a notification of a security breach or upon FTC request;
(2) establish procedures to assure the accuracy of the information they collect, assemble, or maintain that is personal information or that identifies an individual;
(3) provide individuals access to their personal information for review; and
(4) correct inaccurate information. Authorizes the FTC to conduct information security practices audits of brokers who have had a security breach or require such brokers to conduct independent audits. Directs the FTC to require information brokers to establish measures that facilitate the auditing or retracing of access to, or transmissions of, any data containing personal information. Makes it unlawful for information brokers to obtain or disclose personal information by false pretenses (pretexting). Establishes procedures in the event of an information security breach. Requires a covered entity that discovers a breach to notify the FTC and affected individuals. Sets forth requirements concerning such notification, including the method of notification requirements and timeliness requirements. Allows an exemption from notification requirements if such entity determines that there is no reasonable risk of identity theft, fraud, or other unlawful conduct. Establishes a presumption that there is no such risk for encrypted data. Applies this Act to nonprofit organizations. Sets forth enforcement provisions.

...Read the Rest

Organizations Supporting S.1207

  • National Association of Federal Credit Unions
  • Sony Pictures Entertainment
  • Business Software Alliance

Organizations Opposing S.1207

  • None via MapLight at this time.




Vote on This Bill

100% Users Support Bill

1 in favor / 0 opposed
 

Send Your Senator a Letter

about this bill Support Oppose Tracking
Track with MyOC