Vito Petretti and Eric J. Pennesi of MorganLewis write:
The Personal Data Notification & Protection Act, (the Act) one of many security- and privacy-related legislative measures proposed by U.S. President Barack Obama last month, is intended to provide uniformity in the measures required of companies in the event of a security breach related to sensitive personally identifiable information. In addition to delineating the required procedures in the event of a breach, the proposed Act also aims to provide consistent standards for what constitutes a “security breach” and “sensitive personally identifiable information” at the federal level to supersede the numerous iterations of these concepts scattered throughout applicable state laws.
Read more on National Law Review.