Like Countable?

Install the App

house Bill H.R. 6236

Data Breach Notification Act

bill Progress

  • Not enacted
    The President has not signed this bill
  • The senate has not voted
  • The house has not voted
      house Committees
      Committee on Financial Services
      Committee on Energy and Commerce
      Committee on Oversight and Reform
      Committee on the Judiciary
    IntroducedSeptember 28th, 2010

Bill Details

Official information provided by the Congressional Research Service. Learn more or make a suggestion.
The Congressional Research Service writes summaries for most legislation. These summaries are listed here. Countable will update some legislation with a revised summary, title or other key elements.

Suggest an update to this bill using our form.


Data Breach Notification Act

Official Title

To require Federal agencies, and persons engaged in interstate commerce, in possession of data containing sensitive personally identifiable information, to disclose any breach of such information.


Data Breach Notification Act - Requires any federal agency or business entity engaged in interstate commerce that uses, accesses, or collects sensitive personally identifiable information, following the discovery of a security breach, to notify: (1) any U.S. resident whose information may have been accessed or acquired; and (2) the owner or licensee of any such information that the agency or business does not own or license. Exempts: (1) agencies and business entities from notification requirements for national security and law enforcement purposes and for security breaches that a risk assessment concludes do not have a significant risk of resulting in harm if specified certification or notice is provided, subject to review by the Secret Service; and (2) business entities which utilize a security program that blocks the use of sensitive personally identifiable information and provide notice of a breach to affected individuals. Requires notifications regarding security breaches under specified circumstances to the Secret Service, the Federal Bureau of Investigation (FBI), the Postal Inspection Service, and state attorneys general. Authorizes the Attorney General to bring a civil action in U.S. district court against any business entity that violates this Act. Sets civil penalties for violations. Amends the Fair Credit Reporting Act to require agencies to include a fraud alert in the file of a consumer that submits evidence of compromised financial information to a consumer reporting agency. Authorizes: (1) civil actions by state attorneys general to enforce this Act; and (2) appropriations for costs incurred by the Secret Service to investigate and conduct risk assessments of security breaches.

    There are currently no opinions on this bill, be the first to add one!