CRS Releases Report on "Data Security: Federal and State Laws"
February 14, 2006
Summary: Security breaches involving electronic personal data have come to light largely as a result of the California Security Breach Notification Act, a California notification law that went into effect in 2003. In response, the states and some Members have introduced bills that would require companies to notify persons affected by such security breaches. By December 2005, 35 states had introduced data security legislation and 22 states had enacted data security laws. Numerous data security bills have been introduced in the 109th Congress were reported by Senate committees.