Senate Republicans Introduce a New Data Privacy Bill: Data Security and Breach Notification Act of 2012


On June 22, 2012, Senator Pat Toomey introduced the Data Security and Breach Notification Act of 2012 (the "Act") on behalf of himself and Republican Senators Olympia Snowe (Me.), Jim DeMint (S.C.), Roy Blunt (Mo.) and Dean Heller (Nev.). The Act, if enacted, would establish a national data security and breach notification standard for the protection of consumers' electronic personal information by commercial entities covered by the Act.

The Act would apply to "Covered Entities," which are defined broadly to include all sole proprietorships, partnerships, corporations, trusts, estates, cooperatives, associations or any other commercial entities that acquire, maintain, store or utilize "Personal Information." Financial institutions subject to the Gramm-Leach-Bliley Act and entities regulated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) are excluded from the definition of Covered Entities and would thus not be subject to the Act.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.