WASHINGTON (10/27/09)--The data security debate returns to Congress this week as the Senate Judiciary Committee has scheduled for Thursday a markup session on S.1490, the "Personal Data Privacy and Security Act of 2009"; and S.139, the "Data Breach Notification Act." S. 1490, introduced by Sen. Patrick Leahy (D-Vt.) earlier this year, would “prevent and mitigate identity theft, to ensure privacy, to provide notice of security breaches, and to enhance criminal penalties, law enforcement assistance, and other protections against security breaches, fraudulent access, and misuse of personally identifiable information.” S. 139, introduced by Sen. Diane Feinstein (D-Calif.), would “require Federal agencies, and persons engaged in interstate commerce, in possession of data containing sensitive personally identifiable information, to disclose any breach of such information.” Similar legislation has been active in the House, with H.R. 2221, the Data Accountability and Trust Act, which would require businesses to notify affected customers when outside parties gain access to sensitive information due to a security breach, passing the House Energy and Commerce Committee by voice vote earlier this month. Credit Union National Association (CUNA) President/CEO Dan Mica commented at the time that while entities that have experienced data breaches in recent years may not have the necessary contact information to reach the individuals whose accounts may have been compromised, the financial institutions of affected accountholders do. CUNA supports allowing financial institutions to charge retailers for any costs incurred by the financial institution that is forced to notify its accountholders following a data breach. Data security has long been a hot topic on the Hill, and several data security bills worked their way through the House and Senate in 2005, 2006 and 2007, although lawmakers never completed debate on the issue, and legislation remains pending. However, data security is still an increasingly important issue, and TJX Cos. was at the center of 2007 data breach that resulted in an $8 million gift card and electronic goods scam that used credit card data stolen from the retailer. Also, Heartland Payment Systems announced earlier this year that millions of credit card accounts from credit unions nationwide may have been compromised following a data breach. Visa and MasterCard also fell victim to a less serious data breach earlier this year.