House Panel Passes HR 3696

Today the Cybersecurity, Infrastructure Protection, and Security Technologies Subcommittee of the House Homeland Security Committee held a markup hearing to address HR 3696, the National Cybersecurity and Critical Infrastructure Protection (NCCIP) Act of 2013. After adopting six of the seven amendments considered the amended version of the bill was adopted by the Subcommittee in a voice vote.

Only two of the amendments made substantive changes to the bill. Amendment 2A, offered by Rep. Clarke (D,NY) added Title III – Homeland Security Cybersecurity Boots-on-the Ground. Amendment 6, offered by Rep. Daines (R,MT), added a Federal agency breach reporting requirement where personally identifiable information (PII) is compromised.

The Title III amendment is essentially HR 3107 that had already been approved by the Homeland Security Committee in a markup hearing back in October and reported by the Committee in December. It looks like adding the language to this bill will increase the chance of the provisions being considered by the House in a floor vote.

The breach reporting amendment would add a requirement to the new §228. Paragraph (d) would have a new subparagraph (11) added that would require the National Cybersecurity and Communications Integration Center (NCCIC) to implement policies and procedures that would:

• Require Federal civilian agencies to send reports and information to the Center about all personally identifiable information breaches that occur on Federal civilian information systems not later than two business days after the discovery of such a breach {§228(d)(11)(B)}; and

• Require Federal civilian agencies to notify all potential victims of a data breach involving personally identifiable information not later than two business days after the date on which such an agency sends a report and information to the Center {§228(d)(11)(C)}.

The full Committee will take action on this bill sometime after the House comes back to Washington after a one week ‘District Work’ session.