Linn Foster Freedman of Robinson & Cole provided this update on their Data Privacy + Security Insider blog:
The Senate Appropriations Committee has approved funding to provide the 22 million individuals affected by the OPM data breaches with 10 years of credit monitoring services and $5 million in liability protection for damages, extending the OPM’s offer of three years of services for those affected by the background check breach and 18 months for those affected by the breach of personnel records.
OPM also requested an appropriation of $37 million to beef up its security, but the request was rejected by the Committee.
The voice vote approval must move through both the House and the Senate before the protections can become available to affected individuals.
If this passes, will it raise the bar for breach remediation/mitigation in other cases, or will defenders argue, “Well, this was unusual because it was a foreign government getting information on government employees and so is riskier?”