Proposed bill would establish standards for national data security
The bill, introduced in the Senate on January 15, 2014 and cited as the Data Security Act of 2014, would require entities such as financial institutions, retailers, and federal agencies to better safeguard sensitive information, investigate security breaches, and notify consumers when there is a substantial risk of identity theft or account fraud. The new requirements would apply to businesses that take credit or debit card information, data brokers that compile private information, and government agencies that possess nonpublic personal information.