

111 HR 3731 IH: Federal Exchange Data Breach Notification Act of 2013
U.S. House of Representatives
2013-12-12
text/xml
EN
Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain.



I113th CONGRESS1st SessionH. R. 3731IN THE HOUSE OF REPRESENTATIVESDecember 12, 2013Mrs. Black (for herself and Mr. Meehan) introduced the following bill; which was referred to the Committee on Energy and CommerceA BILLTo require an Exchange established under the Patient Protection and Affordable Care Act to notify individuals in the case that personal information of such individuals is known to have been acquired or accessed as a result of a breach of the security of any system maintained by the Exchange.1.Short titleThis Act may be cited as the Federal Exchange Data Breach Notification Act of 2013.2.Notification to individuals of personal information being acquired or accessed as a result of a breach of system securityAfter the discovery of a breach of security of any system maintained by an Exchange established pursuant to section 1321(c) of the Patient Protection and Affordable Care Act (Public Law 111–148), the Exchange shall, in accordance with the requirements of the Health Breach Notification Rule issued by the Federal Trade Commission (16 C.F.R. 318), provide notice of such breach to each individual whose personal information (including any non health-related personal information) is known to have been acquired or accessed as a result of such breach of security. A violation of this section shall be treated as a violation of a rule defining an unfair or deceptive act or practice prescribed under section 18 of the Federal Trade Commission Act (15 U.S.C. 57a).