A nationwide "bipartisan and comprehensive approach" to information security may be making its way through the Senate soon.
Senators Tom Carper and Roy Blunt unsuccessfully attempted in the last Congressional session to push through a comprehensive data security bill. Yesterday (January 15) they introduced a revised version of the bill, titled the Data Security Act of 2014. In the wake of the massive Target breach, it might stand a better chance of passage.
The bill would go farther than the privacy and data security provisions of the Gramm-Leach-Bliley Act, which have been in effect for more than a decade. It would require businesses, governments, and other organizations to take further steps to protect private information, address security breaches, and quickly notify customers of breaches than under existing law. Currently, nearly every state has privacy and data security laws that create a maze of compliance issues for organizations that are active in more than one state. One aim of the Data Security Act is to standardize the law throughout the nation.
The Data Security Act of 2014 has been assigned to the Senate Banking, Housing and Urban Affairs Committee for review. Similar bills by Senator Patrick Leahy and Senator Pat Toomey are being considered by the Senate Judiciary Committee and the Senate Commerce Committee, respectively.
You can read the full text of the Data Security Act of 2014 here.