Bill Would Require U.S. Agencies To Disclose Theft Of Sensitive Data
The House panel chairman warns of stiffer legislation if the administration's procedures aren't forthcoming.
Legislation that would require federal agencies to disclose data breaches involving sensitive information was introduced in the House Monday by Rep. Tom Davis, R.-Va., chairman of the House Government Reform Committee. Such a bill would put government agencies on par with businesses, which are required by a patchwork of state laws to notify their customers in such cases.
The measure, HR 6163, would amend the Federal Information Security Management Act to direct the White House Office of Management and Budget to establish procedures for agencies to follow if personal information is lost or stolen. The legislation also would require that individuals be notified if their personal information could be compromised by a breach of data security at a federal agency. Agency CIOs would be expected to ensure that their staffs comply with information security laws and that equipment containing sensitive information is accounted for and secured.
Davis, whose committee oversees government IT, warned that tougher measures could come if the administration doesn't act swiftly. "This bill is a first step," Davis said in a statement. "If new policies and procedures are not forthcoming quickly, or if they lack the teeth to get the job done, I will revisit this matter with additional legislation."
The legislation was prompted by the theft of a laptop PC and external hard drive that contained personal data such as names, birth dates, and Social Security numbers on 26.5 million veterans and military personnel from the home of a Department of Veterans Affairs analyst in May. The devices were recovered nearly two months later, with the data apparently not accessed.
2014 Next-Gen WAN SurveyWhile 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
The UC Infrastructure TrapWorries about subpar networks tanking unified communications programs could be valid: Thirty-one percent of respondents have rolled capabilities out to less than 10% of users vs. 21% delivering UC to 76% or more. Is low uptake a result of strained infrastructures delivering poor performance?