Expands responsibilities of agencies, persons or entities that store, own, collect, process, maintain, acquire, use, or licenses data, who experiences a security breach, include providing additional information to persons affected and law enforcement