The Data Accountability and Trust Act (DATA Act), (H.R. 580), has been introduced in the House of Representatives. The bill would provide a nationwide data security standard, backed by FTC enforcement and civil penalties, as well as provisions requiring notification to affected individuals in the event of a data breach. Meanwhile, a similar bill, the Data Security and Breach Notification Act (S. 177) was introduced in the Senate.
According to the release, Commercial entities that own or process personal information would be required to implement effective information security procedures and policies to safeguard that information. Following a breach, entities would have to notify the affected individuals, in addition to the FTC. The FTC and state attorney generals would enforce the provisions of the bill, which would allow for civil penalties of up to $5 million for violations.
Source: http://www.insideprivacy.com/