Ga. Senator Files Bill On Public Data Breach Investigations

Jan 21, 2016

A bill filed in the Georgia Legislature by Sen. John Albers (R–Roswell) would mandate companies and state agencies provide details to the attorney general and the governor’s office and give authority to the attorney general’s office to conduct an investigation.  

The Republican’s bill (SB 276) is called the “Georgia Personal Data Security Act,” and it would make significant changes to legislation passed in 2005 regarding identity theft.  

If the Social Security numbers, or even school disciplinary records, of Georgians get out with their names attached, the bill says companies or state agencies are required to notify the public with 45 days. Attorney General Sam Olens and Gov. Nathan Deal must also be notified.

We need to know what happened and the necessary remediation steps, Albers says. 

“I know that if something happened to my family or to my business that I would want to know what happened and know maybe I should freeze my credit or use a credit monitoring service,” Albers says. 

Albers says the bill is not in reaction to a voter data breach in Secretary of State Brian Kemp's office last year, which was not investigated by the attorney general’s office.

Alber’s says he’s been working on the bill for over a year-and-a-half.

The bill lays out specifics on what information needs to be provided to the public in case of a security breach, including potential harm, a telephone number where individuals can get information, and information on major credit reporting agencies.