Davis introduces bill to protect sensitive info
It would require all federal agencies to tell the public when there is a data breach involving sensitive information.
Rep. Tom Davis (R-Va.), chairman of the House Government Reform Committee, introduced legislation today that would require federal agencies to better protect the sensitive information in their care.
According to a statement from Davis’ office, the legislation is designed to strengthen a bill to improve data security at the Department of Veterans Affairs. It would require all federal agencies to tell the public when there is a data breach involving sensitive information. This legislation amends the Federal Information Security Management Act, which Davis introduced and shepherded to passage in 2002.
Davis’ bill directs the Office of Management and Budget to establish procedures for agencies to follow if they lose personal information or discover someone has stolen it, according to the statement. It would also require agencies to notify people if a data security break might compromise their personal information.
The bill would give agencies’ chief information officers the power to ensure that employees comply with information security laws. It would also let CIOs account for and secure the costly equipment that contains sensitive information.
The Commerce Department recently acknowledged that since 2001, 1,137 of its laptop computers have been lost or stolen, and 249 of those contained personally identifiable information, according to an internal review.
That news angered Davis, and the committee called for an accounting by all federal agencies. Some agencies have yet to respond to the committee's query.
As originally drafted, the bill became part of the VA bill, which was introduced after department officials revealed that a laptop computer containing personal information had been stolen from an employee’s home.
Davis hopes to add the revised legislation introduced today to the VA bill, according to the statement.
“This bill is a first step,” Davis said. “If new policies and procedures are not forthcoming quickly, or if they lack the teeth to get the job done, I will revisit this matter with additional legislation.”
NEXT STORY: OMB, GSA offer financial-management guidance