H.R.611 - BEST PRACTICES Act112th Congress (2011-2012)
Summary: H.R.611 — 112th Congress (2011-2012)
Introduced in House (02/10/2011)
Building Effective Strategies To Promote Responsibility Accountability Choice Transparency Innovation Consumer Expectations and Safeguards Act or the BEST PRACTICES Act - Defines "covered entity" as a person engaged in interstate commerce that collects or stores data containing covered or sensitive information (information), excluding: (1) governments; or (2) any person that stores covered information from or about fewer than 15,000 individuals, collects covered information from or about fewer than 10,000 individuals during any 12-month period, does not collect or store sensitive information, and does not use covered information to monitor or analyze the behavior of individuals as the person's primary business.
Requires a covered enti
Prohibits a covered entity from: (1) collecting, using, or disclosing information unless it provides the information in concise and easy-to-understand notices in accordance with regulations issued by the Federal Trade Commission (FTC) (excludes trade secrets and in-person transactions from such notice requirements); (2) collecting or using information about an individual without the individual's consent (which may be granted affirmatively or by not declining consent after appropriate notification); and (3) disclosing information about an individual to a third party unless the covered entity has received affirmative consent from the individual prior to the disclosure.
Requires a covered entity to assure information accuracy, including by providing an individual with information access and dispute resolution procedures.
Requires each covered entity and service provider to ensure information security, integrity, and confidentiality.
Exempts a covered entity that participates in one or more FTC-approved self-regulatory programs (Choice Program) from: (1) the requirements for express affirmative consent required for information use pursuant to a Choice Program; (2) the requirement of access to information; and (3) private right of action liability.
Provides and specifies the conditions for FTC, state, and private rights of enforcement.