Bill Would Require U.S. Agencies To Disclose Theft Of Sensitive Data - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure

Bill Would Require U.S. Agencies To Disclose Theft Of Sensitive Data

The House panel chairman warns of stiffer legislation if the administration's procedures aren't forthcoming.

Legislation that would require federal agencies to disclose data breaches involving sensitive information was introduced in the House Monday by Rep. Tom Davis, R.-Va., chairman of the House Government Reform Committee. Such a bill would put government agencies on par with businesses, which are required by a patchwork of state laws to notify their customers in such cases.

The measure, HR 6163, would amend the Federal Information Security Management Act to direct the White House Office of Management and Budget to establish procedures for agencies to follow if personal information is lost or stolen. The legislation also would require that individuals be notified if their personal information could be compromised by a breach of data security at a federal agency. Agency CIOs would be expected to ensure that their staffs comply with information security laws and that equipment containing sensitive information is accounted for and secured.

Davis, whose committee oversees government IT, warned that tougher measures could come if the administration doesn't act swiftly. "This bill is a first step," Davis said in a statement. "If new policies and procedures are not forthcoming quickly, or if they lack the teeth to get the job done, I will revisit this matter with additional legislation."

The legislation was prompted by the theft of a laptop PC and external hard drive that contained personal data such as names, birth dates, and Social Security numbers on 26.5 million veterans and military personnel from the home of a Department of Veterans Affairs analyst in May. The devices were recovered nearly two months later, with the data apparently not accessed.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
10 Top Cloud Computing Startups
Cynthia Harvey, Freelance Journalist, InformationWeek,  8/3/2020
Commentary
Adding Fuel to the MSP vs. In-house IT Debate
Andrew Froehlich, President & Lead Network Architect, West Gate Networks,  8/6/2020
Commentary
How Enterprises Can Adopt Video Game Cloud Strategy
Joao-Pierre S. Ruth, Senior Writer,  7/28/2020
White Papers
Register for InformationWeek Newsletters
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Video
Current Issue
Enterprise Automation: Do More with Less
In this IT Trend Report, we highlight the benefits of automation and the various tools as enterprises navigate turbulent times, try to do more with less, keep their operations running, and stay on track with digital modernizations.
Slideshows
Flash Poll