Congress considers data protection bills
- By John Rendleman
- May 18, 2007
Rep. Tom Davis (R-Va.), ranking member of the House Oversight and Government Reform Committee, has introduced a bill intended to prevent disclosure of sensitive or confidential information.
The Federal Agency Data Breach Protection Act outlines data security measures and public notice procedures that would be mandated governmentwide.
The bill, a proposed amendment to the Federal Information Security Management Act of 2002, defines the types of records that would be classified
as sensitive personal information meriting special protection.
It also would require agencies to adopt policies for disclosing data breaches to the public and charges them with keeping track of computer gear assigned to departing employees.
In addition, the bill places accountability for data privacy on agency leaders by limiting their ability to delegate the issue to chief information officers.
Separately, the Senate Judiciary Committee has approved two data security bills, the comprehensive Personal Data Privacy and Security Act of 2007 and the more narrowly tailored Notification of Risk to Personal Data Act, introduced by Sen. Dianne Feinstein (D-Calif.).