SAFE Data Act

[AI summary unavailable — showing source text] Secure and Fortify Electronic Data Act or the SAFE Data Act - Requires the Federal Trade Commission (FTC) to promulgate regulations requiring any person engaged in interstate commerce that owns or possesses data containing personal information to establish and implement reasonable security policies and procedures to treat and protect such information. Requires such regulations to include specified policies and procedures, including: (1) a process for identifying and assessing vulnerabilities in the system, and (2) a process for taking preventive and corrective action to mitigate such vulnerabilities. Requires a person covered by this Act to establish a plan and procedures for minimizing the amount of personal information maintained. Exempts services providers from such requirements for any electronic communication by a third party that is transmitted, routed, or stored in intermediate or transient storage by the provider. Establishes notification procedures in the event of a breach of security of any system that contains personal information. Allows an exemption from notification requirements if a person subject to this Act determines that there is no reasonable risk of identity th…