Notification of Risk to Personal Data Act

[AI summary unavailable — showing source text] Notification of Risk to Personal Data Act - Requires any Federal agency or person that owns, licenses, or collects personal information data following the discovery of a breach its personal data security system, or upon receiving notice of a system breach, to notify (as specified) the individual whose information was obtained by an unauthorized person. Requires any agency or person possessing, but not owning or licensing such data, to notify the information owner or licensee of an unauthorized acquisition. Excepts agencies from notification requirements for national security and law enforcement purposes and requires Congress to be immediately notified when such exceptions are made. Sets forth enforcement provisions.…