The influential Senate Judiciary Committee approved the Specter-Leahy Personal Data Privacy and Security Act of 2005 before leaving for holiday break earlier this month.
Sen. Patrick Leahy, D-Vt., said in a statement that the bill "will ensure that our lawks keep pace with technology."
"In this information-saturated age, the use of personal data has significant consequences for every American," said Leahy, the committee's ranking member. "People have lost jobs, mortgages and control over their credit and identities because personal information has been mishandled or listed incorrectly."
The bill mandates that companies with databases containing the personal information of more than 10,000 Americans must implement privacy and security programs, while letting individuals know what information they have about them in case of a breach. Federal officials must also be notified after a breach.
Sen. Arlen Specter, R-Pa., said at the time of the bill's introduction in June that breaches have become a "matter of serious consequence for our individual for our individual privacy and law enforcement."
The bill will now be considered by the full Senate.
Murray Mazer, vice president and co-founder of Lumigent Technologies, said this week that the bill calls for an appropriate amount of notification and investigation after a breach.
"This can make it easier for companies because with a single federal law, they don't have to deal with a patchwork of different state laws," he said.