Introduced by Rep. Diana Farrington (R) on February 14, 2019 To establish detailed rules for personal information data breaches that create a substantial risk of identity theft or fraud, including notice requirements, reporting requirements, guidelines and more for businesses, associations and state agencies. Among other things the bill would distinguish between breaches that only permit an outsider to gain access to an online account, versus breaches that expose sensitive personally identifying information. The bill authorizes $5,000-per-day civil penalties for noncompliance, up to a maximum of $250,000. Official Text and Analysis.
Referred to the House Financial Services Committee on February 14, 2019
Reported in the House on March 13, 2019 Refer to the committee on Ways and means.
Referred to the House Ways and Means Committee on March 13, 2019
Reported in the House on December 10, 2019 Without amendment and with the recommendation that the bill pass.