Section 1. Short title
This Act may be cited as the “Veteran Data Accountability for Third-party Actors Act” or the “Veteran DATA Act”.
Section 2. Prohibition of the sale of sensitive personal information maintained by the Secretary of Veterans Affairs
Section 5725 of title 38, United States Code, is amended by adding at the end the following new subsection:
(d) Prohibition of sale of sensitive personal information
The Secretary may not enter into a contract that permits the contractor to sell (or otherwise disclose for consideration) sensitive personal information to another entity.
Section 2. Prohibition of the sale of sensitive personal information maintained by the Secretary of Veterans Affairs
(a) In general
Not later than one year after the date of the enactment of this Act, the Secretary of Veterans Affairs shall—
(1) ensure that each covered contract includes, or is modified to include, a clause prohibiting covered information from being monetized, sold, or otherwise misused by any contractor, including any subcontractor or affiliate thereof, or other non-Department of Veterans Affairs entity; and
(2) issue a directive or other policy providing guidance to employees and contractors of the Department on how to identify the monetization, sale, or misuse of covered information in order to ensure contractors are in compliance with clauses in covered contracts included pursuant to paragraph (1).
(b) Report
Not later than one year after the date of the enactment of this Act, the Secretary shall submit to the appropriate congressional committees a report that includes—
(1) a copy of the contract clause required by subsection (a)(1);
(2) the guidance required by subsection (a)(2); and
(3) a summary of any other actions taken to comply with subsection (a).
(c) Definitions
In this section:
(1) The term “appropriate congressional committees” means the Committees on Veterans’ Affairs of the House of Representatives and the Senate.
(2) The term “covered contract” means a contract of the Department of Veterans Affairs that provides for the handling of covered information and is entered into—
(A) after the date of the enactment of this Act; or
(B) before the date of the enactment of this Act and does not expire before the date of the enactment of this Act.
(3) The term “covered information”—
(A) means protected health information or personally identifiable information, including such information that has been anonymized; and
(B) includes information protected under—
(i) section 552a of title 5, United States Code;
(ii) section 5701 or 7332 of title 38, United States Code;
(iii) parts 160, 161, and 164 of title 45, Code of Federal Regulations; and
(iv) any other provision of law, as determined by the Secretary.