Introduced
by
To establish detailed rules for personal information data breaches that create a substantial risk of identity theft or fraud, including notice requirements, reporting requirements, guidelines and more for businesses, associations and state agencies. Among other things the bill would distinguish between breaches that permit an outsider to gain access to an online account, versus breaches that expose sensitive personally identifying information. The bill authorizes $5,000-per-day civil penalties for noncompliance, up to a maximum of $250,000.
Referred to the Committee on Financial Services
Reported without amendment
Refer to the committee on Ways and means.
Referred to the Committee on Ways and Means
Reported without amendment
Without amendment and with the recommendation that the bill pass.
Passed in the House 97 to 12 (details)
Referred to the Committee on Regulatory Reform
Reported without amendment
With the recommendation that the substitute (S-1) be adopted and that the bill then pass.
Passed in the Senate 38 to 0 (details)
To establish detailed rules for personal information data breaches that create a substantial risk of identity theft or fraud, including notice requirements, reporting requirements, guidelines and more for businesses, associations and state agencies. Among other things the bill would distinguish between breaches that permit an outsider to gain access to an online account, versus breaches that expose sensitive personally identifying information. The bill authorizes $5,000-per-day civil penalties for noncompliance, up to a maximum of $750,000.
Passed in the House 93 to 15 (details)
To concur with the Senate-passed version of the bill.
