S.1202: A bill to require agencies and persons in possession of computerized data containing sensitive personal information, to disclose security breaches where such breach poses a significant risk of identity theft.

A bill to require agencies and persons in possession of computerized data containing sensitive personal information, to disclose security breaches where such breach poses a significant risk of identity theft. 4/24/2007--Introduced. Personal Data Protection Act of 2007 - Defines "identity theft" to mean a fraud committed using the sensitive personal information of another individual with the intent to commit or to aid or abet unlawful activity that results in economic loss to that individual.Requires any agency or person that owns or licenses computerized data containing sensitive personal information to: (1) develop, implement, and maintain reasonable security and notification procedures and practices (appropriate to the size and nature of the agency or person and the nature of the information) to ensure the security and confidentiality of the personal information and to protect sensitive personal information against unauthorized access, destruction, use, [...]

show full description