A recent article on Infosec Island outlined the new Personal Data Protection and Breach Accountability Act of 2011, S.1535 (the "PDPBA Act") as proposed by Senator Richard Blumenthal (D-CT). The Bill is the latest to address data security and privacy of personally identifiable information.
Some of the key elements from this article include the "enforcement by the United State Attorney General, by State Attorneys General, and by individuals via a private right of action that allows for civil penalties of up to $10,000 per violation per day per individual up to a maximum of $20,000,000 per violation."
These are some hefty fines should the bill be passed. The bill also contained some notable exceptions, namely organizations already covered by the Gramm-Leach-Bliley Act (“GLBA”) and Health Insurance Portability and Accountability Act ("HIPAA").
For the full article from Infosec Island, click here.
To view the proposed bill, click here. (PDF)