Cyber Security Industry Alliance says the VA bill is too broad and too narrow. The bill requires the VA to report breaches of sensitive personal information to Congress. CSIA wants to exempt encrypted data from notification rules. The VA in mid-May announced that a laptop and hard drive containing the personal information of 26.5 million military veterans and their spouses was stolen from an employees home about two weeks earlier. The breach set off a firestorm of criticism from Congress after Congress failed to pass a notification law.”]