The continued mishandling of personal information is a problem affecting every corner of the country and a wide range of organizations, including private-sector corporations, government agencies, financial firms, educational institutions, healthcare and insurance companies. The types of personal information that have been lost range from medical records to Social Security Numbers to bank account details. Furthermore, the burden is on the victims to determine what degree of risk they face and how best to protect themselves from future incidents, creating a frustrating and daunting situation for many Americans.
"The time is now to establish a single standard for securing citizens' personal information regardless of whether it is housed within federal, state or local government, private sector or educational institutions," said Paul Kurtz, executive director of CSIA. "Americans are being victimized by data breaches and current laws are inadequate to protect and notify them. The 110th Congress needs to make it a priority to pass a comprehensive federal law that addresses both of these concerns, alleviating the complex web of regulations that has been created by numerous state-level data-security laws."
According to the alliance, to accomplish the dual goals of prevention and notification, a national law should establish reasonable security measures, create a consistent and recognizable notification standard, encourage best practices such as encryption and include effective enforcement capabilities.
Added Kurtz, "Congress should be very concerned about this milestone not only because of the sheer number of individuals affected, but also because the decline in consumer confidence in the security of personal information is a serious drag on our economy. By passing a federal data security bill, Congress has the power to alleviate much of the fear, uncertainty and doubt that Americans are facing right now."
