New Identity Theft Bill Could Impact Small Businesses

Six Republican Senators and an Independent introduced the Data Security and Breach Notification Act of 2013. (S. 1193) Data breach notification laws in 46 states and the District of Columbia would be preempted under the legislation. 

The bill would require covered entities to take “reasonable measures” to protect and secure data in electronic form containing “personal information.”  In the event unencrypted, non-anonymized data is compromised, or the covered entity reasonably believes the data has been accessed and could cause identity theft or other actual financial harm, then the covered entity must provide notification to the individuals affected.

NAR supports a single federal standard for data security and breach notification and will work to craft legislation that is narrowly tailored to reduce compliance burdens, especially for small businesses.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: