Rep. Jim Langevin (D-Rhode Island) has reintroduced a bill that would standardize industry efforts to notify victims of cyber attacks.A press release posted Monday on Langevin’s website said the Personal Data Notification and Protection Act would give companies 30 days to notify affected individuals following the discovery of a breach of sensitive personal information.
The legislation would also direct the Federal Trade Commission to support breach notification activities, which must be done through mail, telephone or e-mail.
Langevin revived the bill after credit reporting company Equifax confirmed earlier this month that a breach of its systems exposed sensitive information of 143 million consumers.
The lawmaker noted that the proposed legislation is designed to replace 48 state breach notification laws with a nationwide standard as well as strengthen companies’ obligations to disclose cyber attacks that could affect consumers.
