Monday, March 27, 2006

Data Accountability and Trust Act Amended

The Data Accountability and Trust Act (House Bill 4127 ) has been amended to change the trigger requiring notification in the event of a security breach from a "significant risk" of identity theft to a "reasonable risk." This makes it more likely that the bill will receive bipartisan support.

The bill only applies to data brokers, and the amended version narrows the definition of "data broker" to those entities that disclose non-customer data to non-affiliated third parties.

1 Comments:

Anonymous Anonymous said...

The Data Accountability and Trust Act is still in the news. I'm unsure that the latest revision, HR 2221, will pass in it's current state. It appears that this legislation might continue until it's passed (think REAL-ID) (109th Congress 2005-2006, 110th Congress 2007-2008, 111th Congress 2009-2010).

We at the CIPP Guide see the preemption of State's Rights as a very big issue. The patchwork of privacy regulations in the US is not ideal, but having the Federal Government set the high-water mark nationally is not in the best interest of our citizens' privacy or security.

2:01 PM  

Post a Comment

<< Home