There's been some activity of late around efforts to pass a federal data breach law. Since 2005, the United States Congress has been trying to pass legislation to set a federal standard for what should occur when a business is hacked and sensitive personal information is stolen. Meanwhile, 47 states have passed their own laws to govern what companies need to do in the wake of a data breach. (See blog post: Five Questions Answered about Virginia's Data Breach Law.) A patchwork of state laws can cause compliance headaches for businesses with operations and customers in more than one state. After more than 10 years of debate, the introduction of 40-plus bills, and a growing cybersecurity threat, can Congress agree on a federal solution?