All Information (Except Text) for S.961 - Data Security Act of 2015114th Congress (2015-2016)
|Sponsor:||Sen. Carper, Thomas R. [D-DE] (Introduced 04/15/2015)|
|Committees:||Senate - Commerce, Science, and Transportation|
|Latest Action:||Senate - 04/15/2015 Read twice and referred to the Committee on Commerce, Science, and Transportation. (All Actions)|
This bill has the status Introduced
Here are the steps for Status of Legislation:
There is 1 version of this bill. View text
Click the check-box to add or remove the section, click the text link to scroll to that section.
Titles Actions Overview All Actions Cosponsors Committees Related Bills Subjects Latest Summary All Summaries
Actions Overview (1)
|04/15/2015||Introduced in Senate|
04/15/2015 Introduced in Senate
All Actions (1)
|04/15/2015||Read twice and referred to the Committee on Commerce, Science, and Transportation.|
Action By: Senate
04/15/2015 Read twice and referred to the Committee on Commerce, Science, and Transportation.
|Sen. Blunt, Roy [R-MO]*||04/15/2015|
|Sen. Coons, Christopher A. [D-DE]||12/08/2015|
|Committee / Subcommittee||Date||Activity||Reports|
|Senate Commerce, Science, and Transportation||04/15/2015||Referred to|
Subject — Policy Area:
One Policy Area term, which best describes an entire measure, is assigned to every public bill or resolution.
- Administrative law and regulatory procedures
- Bank accounts, deposits, capital
- Banking and financial institutions regulation
- Commodity Futures Trading Commission
- Computer security and identity theft
- Consumer credit
- Department of the Treasury
- Federal Deposit Insurance Corporation (FDIC)
- Federal Reserve System
- Federal Trade Commission (FTC)
- Federal preemption
- Government information and archives
- Health information and medical records
- Insurance industry and regulation
- National Credit Union Administration
- Right of privacy
- Securities and Exchange Commission (SEC)
Latest Summary (1)
Introduced in Senate (04/15/2015)
Data Security Act of 2015
Requires individuals, corporations, or other non-government entities that access, maintain, communicate, or handle sensitive account information or nonpublic personal information to implement an information security program and to notify consumers, federal law enforcement, appropriate administrative agencies, payment card networks, and consumer reporting agencies of certain data breaches of unencrypted sensitive information likely to cause identity theft or fraudulent transactions on consumer financial accounts.
Directs entities to require their service providers by contract to implement appropriate safeguards for sensitive information.
Provides special notification procedures for: (1) third-party service providers that maintain data in electronic form on behalf of another entity, and (2) certain electronic data carriers.
Allows financial institutions to communicate with account holders regarding breaches at third-party entities with access to their account information.
Sets forth alternative compliance procedures for: (1) financial institutions and affiliates under the Gramm-Leach-Bliley Act, and (2) entities complying with certain health record privacy laws.
Requires this Act to be enforced by the Federal Trade Commission, the Comptroller of the Currency, the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration Board, the Securities and Exchange Commission, the Commodity Futures Trading Commission, the Office of Federal Housing Enterprise Oversight, or a state insurance authority depending on the type of entity handling the sensitive information.
Allows a consumer or entity that suffers financial harm from an entity's violation of this Act to bring an action in federal court to recover damages for negligent or knowing violations.
Prohibits certain state laws from being imposed for information security and breach notification purposes. Provides for the requirements of this Act to apply to certain entities in place of existing security practices and notifications standards currently enforced by the Federal Communications Commission.