The proposed Data Security Act of 2006 seeks to create a national data protection and breach notification standard.

"This bill would require all financial institutions, retailers and government agencies to maintain strong internal safety protections for the data they hold," Carper said in a statement. It would also require them to "quickly investigate" security breaches and to notify law enforcement, regulators and customers when there is a real risk of harm, he said.

The proposed bill would expand the reach of current laws that require only financial institutions to protect the security and confidentiality of customer information, Bennett said in a separate statement.

The Bennett-Carper legislation is modeled after the Gramm-Leach-Bliley Act of 1999 and will require federal and state regulators to enforce compliance with the law and to make sure that data security procedures are uniformly applied.

If covered entities fail to comply with the measure's requirements, regulators would be allowed to levy fines, impose corrective measures or "even bar individuals from working in their respective industries," according to a statement on Carper's Web site.