Five Things to Watch for in a National Breach Notification Law

by Guest Contributor 3 min read June 17, 2011

High-profile data breaches are back in the headlines as businesses—including many in the communications sector—fall prey to a growing number of cyberattacks. So far this year, 251 public notifications of data breaches have been reported, according to the Privacy Rights Clearinghouse.

The latest attack comes on the heels of the Obama administration’s recent proposal to replace conflicting state laws with a uniform standard. The idea is not a new one—national breach notification legislation has been in discussion on Capitol Hill since 2007. With the addition of the White House proposal, three data breach notification bills are now under consideration. But rather than waiting for passage of a new law, communications companies and businesses in general should be aware of the issues and take steps to prepare.

Replacing 48 laws with one
Currently, notification standards differ on a state-by-state basis: 46 states, plus the District of Columbia and Puerto Rico, each enforce their own standards.

The many varying laws make compliance confusing and expensive. While getting to a single standard sounds like a good idea, finding a single solution becomes difficult when there are 48 different laws to reconcile. The challenge is to craft a uniform national law that preempts state laws, while providing adequate consumer protection.

Five things to look for in a National Breach Notification Law
Passing a single law will be an uphill battle. In the meantime, these are some of the issues that will need to be resolved before a national breach standard can be enacted:

  • What types of personal information should be protected?
    • First and last name + other info (e.g. bank account number)
  • What should be classified as “personal” information?
    • Email addresses and user names
    • Health and medical information (California now includes this)
  • What qualifies as a breach and what are the triggers for notification?
  • What information should be included in a breach notice?
  • How soon after a breach should notification be sent?
    • Some states require notices be sent within a set number of days, others ASAP.

Potential penalties
What could happen if a company doesn’t comply with the proposed laws? Under the White House bill, fines would be limited to $1,000/day, with a $1 million cap. The two bills in the House would impose penalties of $11,000/day, maxing out at $5 million.

How to prepare before a national standard is passed
Although the timing for passage is uncertain, communications companies need not wait for a national law to pass before taking action. Put a plan in place instead of sorting through 48 different laws.

Preparation can be as simple as making a phone call to your Experian rep about our data breach protection services. Having managed over 2,300 data breach events, Experian can help you effectively mitigate loss.

In addition to following updates on this page, you can also stay informed about the progress of pending data breach legislation by following the Data Breach Blog.

Share your thoughts and concerns on the current proposals by leaving a comment.

For further reading on this subject:
