Senate Democrats Jay Rockefeller of West Virginia and Mark Pryor of Arkansas recently proposed the Data Breach and Security Notification Act of 2010. The bill would require companies and non-profit organizations to employ comprehensive data security measures and to inform affected parties of any data loss within 60 days.
Similar to a law enacted by Massachusetts in March, the federal bill would mandate a series of security measures, including data encryption and a security worker present to manage the data at all times. In terms of notification, companies responsible for data loss would have to provide two years of credit monitoring, free of charge, to any person affected.
“As more and more of our personal information is collected and stored online and on computers, we need to ensure that the businesses storing this information are keeping it safe and giving us quick warning if it falls into the wrong hands,” Pryor said in a release.
Data loss has been an issue for companies in a number of industries in 2010. Colleges and universities, as well as healthcare organizations, seem to be the most frequent offenders. Pennsylvania State University has experienced three separate incidents since December, and Health Net, an insurance provider, recently lost the data of 500,000 Connecticut residents.