Small Business Data Protection: New Rules for Credit Reporting Companies

Q: When did the legislative process begin?

The process officially started on 2021-06-11.

Q: Where can I read the full text of this legislation?

The full official text is available at: https://www.congress.gov/117/bills/hr3854/BILLS-117hr3854ih.htm

Q: Who is the primary sponsor?

The primary sponsor is Rep. Steube, W. Gregory [R-FL-17].

Q: Which chamber initiated this legislation?

This legislation was initiated in the House of Representatives.

This act introduces new rules for credit reporting companies to better protect small businesses from data breaches. These companies will be required to report data breaches more promptly and will not be allowed to charge affected small businesses for credit reports for 180 days after a breach. This aims to mitigate the negative impacts of such incidents on entrepreneurs.

Key points

Credit reporting companies must report small business data breaches according to state law or without unreasonable delay if no state law exists.

Following a data breach, credit reporting companies cannot charge affected small businesses for their credit reports for 180 days.

The act does not override existing state laws concerning credit reporting companies, meaning stronger state regulations remain in effect.

The government will study the economic harm incurred by small businesses due to data breaches at credit reporting companies.

article Official text account_balance Process page

Expired

Citizen Poll

No votes cast

Additional Information

Print number: 117_HR_3854

Sponsor: Rep. Steube, W. Gregory [R-FL-17]

Process start date: 2021-06-11

FREQUENTLY ASKED QUESTIONS

What is the official ID of this bill?

The official print number for this legislation is 117_HR_3854.

Which chamber initiated this legislation?

This legislation was initiated in the House of Representatives.

When did the legislative process begin?

The process officially started on 2021-06-11.

What are the main provisions?

Key points include:

Credit reporting companies must report small business data breaches according to state law or without unreasonable delay if no state law exists.
Following a data breach, credit reporting companies cannot charge affected small businesses for their credit reports for 180 days.
The act does not override existing state laws concerning credit reporting companies, meaning stronger state regulations remain in effect.
The government will study the economic harm incurred by small businesses due to data breaches at credit reporting companies.

What is the specific legal status?

The current status is Expired.

Where can I read the full text of this legislation?

The full official text is available at: View full text

Who is the primary sponsor?

The primary sponsor is Rep. Steube, W. Gregory [R-FL-17].

What is the latest detailed status?

The latest detailed status is: Referred to the House Committee on Small Business.

Is this summary verified?

Yes. This content was analyzed by AI and verified by the Lustra Judge System on 2025-12-28.

Small Business Data Protection: New Rules for Credit Reporting Companies

OFFICIAL LEGAL TITLE

FREQUENTLY ASKED QUESTIONS

CATEGORIES