VA data theft could provide push for info protection bill

A Senate Democrat on Thursday made a plea to his chamber's leadership to schedule floor debate on a data protection bill that could help veterans better protect their stolen personal information.

Sen. Mark Pryor of Arkansas said Thursday he hopes "Senators [Bill] Frist and [Harry] Reid will take some time on the floor," in the near future to allow consideration of S. 1408, a data protection bill he co-sponsored with a bipartisan group of seven lawmakers. Pryor made the comment during a joint hearing hosted by the Veterans Affairs and Homeland Security committees on the recent data breach at the Veterans' Affairs Department.

A laptop containing personal information on more than 26 million veterans recently was stolen from the home of a department analyst.

The legislation would allow consumers to restrict access to their credit reports. The provision is designed to frustrate potential thieves from conducting transactions under other people's names. It also would require commercial entities and non-profit institutions to implement security measures, among other things. Four Republicans support the legislation.

A Senate aide who has worked on the bill said Thursday that "there has been increased activity and discussion in recent days towards getting a data breach bill passed due to the Veterans' Affairs Department breach." But he noted that momentum has been stalled for the past year due to a lack of action from the Senate Banking Committee. The committee needs to enact language on relevant areas that fall under its jurisdiction so that committee staffers can finalize and merge the various legislative proposals in their chamber.

"It's a priority for Chairman Richard Shelby to pass a bill that would cover the financial institutions covered by the FCRA and GLB," said Senate Banking spokesman Andrew Gray, referring to the Fair Credit Reporting Act and the Gramm-Leach-Bliley Act, which address financial privacy issues.

Sen. Robert Bennett, R-Utah, is working on the banking committee's legislative proposal. A call to his office was not returned Friday afternoon. Nor was an e-mail to an aide to Frist inquiring about scheduling time for a floor debate.

"I definitely think that the latest data breach is having a big impact on the Hill," said Susanna Montezemolo, a policy analyst at Consumers Union. "Just this week alone, there were three data security mark-ups in the House."

The House Energy and Commerce, Financial Services and Judiciary committees all approved separate proposals for data protection legislation this week. The consumer groups generally support the Energy and Commerce bill, while business interests support the Financial Services legislation.

Only the Financial Services legislation includes a provision that would allows consumers to restrict third-party access to their credit reports. But that bill would only permit them to do so after being victims of fraud.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.