Congress is actively working to tighten cybersecurity regulations in 2016. A recent article from The Hill quotes Representative Randy Neugebauer (R-Texas) as saying he's hoping Congress will pass data breach security legislation by the spring. 

"It's important to the (financial services) industry, (and) it's important to the American people to be assured their data is secured," Neugebauer told The Hill.

At issue is whether there will be one bill or two. 

In December, the House Financial Services Committee advanced a bill introduced by Neugebauer that would "set nationwide data security standards and require businesses to notify customers following a breach." The Energy and Commerce Committee then introduced a competing bill, and Republicans and Democrats are now arguing over whether the future federal law would supersede state data security regulations. 

Rep. Neugebauer’s bill, if it comes to fruition, would be a big deal. As we’ve written about in the past, there’s currently a patchwork of regulations that vary state-by-state to govern notification standards in the event of a breach. Having one standard would simplify the law and, in theory, be easier and cheaper for businesses to manage. On the other side, smaller retailers disagreer. They argue that Neugebauer's bill would be too burdensome for modest businesses and would allow other companies to avoid regulation altogether.