Reacting to data breaches at major retail outlets, including Target and Neiman Marcus, US senators recently introduced the Data Security and Breach Notification Act, calling on the Federal Trade Commission to develop data security and breach notification rules for all businesses that hold consumers’ personal information.
According to a story at InfoSecurity.com:
The dual thrust of the legislation is that the FTC should issue obligatory security standards for the protection of personal information, and that breached organizations should be required to notify customers if ever and whenever that data is compromised. Different states currently have different breach notification requirements, and this new bill would appear to be an attempt to consolidate them into a single federal law.
Under the proposal, businesses would receive “incentives to adopt state of the art technologies [such as encryption] that would render consumer electronic data unreadable or unusable in the case of a breach.”
Executives from Target and Neiman Marcus appeared before the Senate Judiciary Committee on Tuesday to discuss the future of retail technology.
Target CFO John J. Mulligan apologized at the beginning of the session: “I want to say how deeply sorry we are for the impact this incident has had on our guests – your constituents. We will learn from this incident and, as a result, we hope to make Target, and our industry, more secure for customers in the future.”
Senators Jay Rockefeller (D-W.Va.) and Claire McCaskill (D-Mo.) widened their data breach probe Tuesday by sending letters to more companies that announced they may have been the victims of hackers: Yahoo, Michaels and White Lodging. According to The Hill, they asked for briefings about the extent of the attacks and how the companies are responding.
“We have been advocates for data security and breach notification legislation that would better protect consumers and improve corporate responsibility,” the two wrote. “The recent data security incidents that have affected major corporations…demonstrate the need for such federal legislation.”
Senate Judiciary Chairman Patrick Leahy said strong data security protections are necessary to ensure consumers trust companies processing their data. The country’s economy is “slowly recovering,” he said, according to The Hill, “but without that credibility, we can’t do it.”