The U.S. Senate Judiciary Committee has approved two bills that would require organizations with data breaches to report them to potential victims. The Judiciary Committee on November 3 voted to approve both the Personal Data Privacy and Security Act and the Data Breach Notification Act by large majorities.

The Data Breach Notification Act, sponsored by a Senator who is a California Democrat, would require U.S. agencies and businesses that engage in interstate commerce to report data breaches to victims whose personal information “has been, or is reasonably believed to have been, accessed, or acquired.”

The bill would also require agencies and businesses to report large data breaches to the U.S. Secret Service The Personal Data Privacy and Security Act would also require that organizations that maintain personal data give notice to potential victims and law-enforcement authorities when they have a data breach.

It would increase criminal penalties for electronic-data theft and allow people to have access to, and correct, personal data held by commercial data brokers. The second bill, sponsored by another Senator who is the Judiciary Committee chairman and a Vermont Democrat, would also require the U.S. government to establish rules protecting privacy and security when it uses information from commercial data brokers.

Several tech groups have called for the U.S. Congress to pass national data-breach notification legislation. Since a series of high-profile data breaches in early 2005, about 45 states have passed data-breach notification laws. 

The Business Software Alliance, a trade group, also praised the committee... 

Source: http://www.infoworld.com/d/security-central/senate-committee-approves-data-breach-notification-bills-200