BreachExchange mailing list archives
FISMA amendment could redefine personally identifiable info
From: lyger <lyger () attrition org>
Date: Fri, 8 Jun 2007 17:21:49 +0000 (UTC)
http://www.fcw.com/article102939-06-08-07-Web A new Senate bill could redefine how agencies report and handle breaches of sensitive information. Sen. Norm Coleman (R-Minn.) introduced the Federal Agency Data Breach Protection Act June 7. An amendment to the Federal Information Security Management Act, the bill would give more policy-defining power to the Office of Management and Budget and broaden the definition of personally identifiable information. Coleman wants OMB to establish specific policies, procedures and standards for agencies to follow in the event of a data breach. Also, the bill would broaden the powers of agency chief information and chief human capital officers to enforce compliance and assess damage to federal personal property, respectively. The bill also would broaden the definition of personally identifiable information to include education; criminal, medical and employment history; and financial transactions. Sensitive information would also include name, Social Security number, birth date and place, mother's maiden name, biometric records and "any other personal information that is linked or linkable to the individual," according to the bill. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 209 million compromised records in 694 incidents over 7 years.
Current thread:
- FISMA amendment could redefine personally identifiable info lyger (Jun 08)