On Monday, June 26, 2006, Sen. Tom
Carper (D-Del.) and Sen. Bob Bennett (R-Utah), members of the Senate
Banking Committee, introduced legislation to help protect individuals
and businesses from the rampant crimes of identity theft and account
fraud.
The Data Security Act of 2006 is modeled after the data security
and security breach response regime established under the Gramm-Leach-Bliley
Act of 1999 (GLB) and subsequent regulations. The new bill requires
that all entities, not just financial institutions, safeguard sensitive
information and notify consumers when information is breached in
a way that could lead to identity theft or account fraud.
The Bennett-Carper legislation creates a uniform national standard
to safeguard sensitive information and provide consumer notification
of security breaches. It also models enforcement provisions
after the GLB blueprint so federal and state regulators who oversee
financial institutions, and other entities that have this information,
are equipped with the tools to enforce these protections against
data security breaches and help consumers mitigate the problems
that result.
Key points of The Data Security Act of 2006 include:
- Creates a Uniform National Standard
- Includes
Risk-based Trigger for Consumer Notification of Data Breach
- Ensures
State and Federal Functional Regulators Have Right to Enforce
Requirements of Data Security Breach
The bill will be referred to the Senate Banking Committee where
it will be the subject of hearings. |