FISMA amendment could redefine personally identifiable info

[lyger <lyger () attrition org>]

http://www.fcw.com/article102939-06-08-07-Web

A new Senate bill could redefine how agencies report and handle breaches 
of sensitive information.

Sen. Norm Coleman (R-Minn.) introduced the Federal Agency Data Breach 
Protection Act June 7. An amendment to the Federal Information Security 
Management Act, the bill would give more policy-defining power to the 
Office of Management and Budget and broaden the definition of personally 
identifiable information.

Coleman wants OMB to establish specific policies, procedures and standards 
for agencies to follow in the event of a data breach. Also, the bill would 
broaden the powers of agency chief information and chief human capital 
officers to enforce compliance and assess damage to federal personal 
property, respectively.

The bill also would broaden the definition of personally identifiable 
information to include education; criminal, medical and employment 
history; and financial transactions. Sensitive information would also 
include name, Social Security number, birth date and place, mother's 
maiden name, biometric records and "any other personal information that is 
linked or linkable to the individual," according to the bill.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 209 million compromised records in 694 incidents over 7 years.