Rep. Jim Langevin (D-Rhode Island) has reintroduced a bill that would standardize industry efforts to notify victims of cyber attacks.
A press release posted Monday on Langevin’s website said the Personal Data Notification and Protection Act would give companies 30 days to notify affected individuals following the discovery of a breach of sensitive personal information.
The legislation would also direct the Federal Trade Commission to support breach notification activities, which must be done through mail, telephone or e-mail.
Langevin revived the bill after credit reporting company Equifax confirmed earlier this month that a breach of its systems exposed sensitive information of 143 million consumers.
The lawmaker noted that the proposed legislation is designed to replace 48 state breach notification laws with a nationwide standard as well as strengthen companies’ obligations to disclose cyber attacks that could affect consumers.