Gautham Nagesh reports: Senior Democrats on the Senate Commerce Committee introduced a bill on Thursday that would require businesses and nonprofits to implement strong security features in the event of a data breach. Consumer Protection Subcommittee Chairman Sen. Mark Pryor (D-Ark.) and Commerce Chairman Sen. Jay Rockefeller (D-W.Va.) unveiled the Data Breach and Security Notification…
Category: Legislation
Closing a Door on Child Identity Theft
The Identity Theft Resource Center offers a solution to the problem that has made headlines this week — young children have their pristine SSN misused to create credit histories for those who have poor credit ratings, are illegal immigrants, or have other illegal intent: Since the 1980’s, children in the US have been issued Social…
Petri bill would enlist IRS against identity theft
U.S. Rep. Tom Petri is introducing federal legislation to fix a loophole that the IRS claims prevents it from informing people if the IRS detects that their Social Security Number has been fraudulently used… … One resident of Princeton, Wis., learned that he was a victim of the fraud as a result of a call…
White House seeks comment on trusted ID plan
Grant Gross reports: The White House is seeking comment on a draft plan for establishing a trusted identity system online, with the goal of making Internet transactions more secure and convenient. Howard Schmidt, the White House cybersecurity coordinator and special assistant to President Barack Obama, released a draft version of the National Strategy for Trusted…
OCR drafts guidelines for security risk analysis
Mary Mosquera reports: The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information. The security rule of the Health Insurance Portability and Accountability Act (HIPAA) requires that providers, payment plans and their…
New breach notification requirements in effect in Canada
From the Office of the Privacy Commissioner of Alberta: Amendments to the Personal Information Protection Act (PIPA) were proclaimed in force on May 1, 2010, and added a new requirement for organizations to notify the Information and Privacy Commissioner of incidents “involving the loss of or unauthorized access to or disclosure of personal information where…