The Data Security and Breach Notification Act of 2015 would create a national standard for data breach notification. It would usurp the breach notification laws in 51 different jurisdictions – 47 states, three territories and Washington, D.C. The measure’s next stop is the full Energy and Commerce Committee. The bill would require notification no later than 30 days after the organization has taken “necessary measures” to determine the scope of the breach and restored the reasonable integrity, security and confidentiality of the data systems. Each violation of the proposed law would be subject to a fine of up to $2.5 million.”]
Source: https://www.cuinfosecurity.com/national-breach-notification-bill-advances-a-8051