Members of the US Cyber Security Industry Alliance (CSIA) will be mobilising next week to call for immediate passage of data security and breach notification legislation.

The organisation stressed the urgent need for legislation to establish national standards for safeguarding sensitive information as well as data breach notification.

The national CSIA grassroots campaign in support of data security legislation comes as consumers face growing threats to privacy and personal information.

More than 165 million personal records have been compromised since 2005 owing to data security breaches.

"Data breaches continue to occur at every kind of organisation, including schools, government agencies, health care providers, small businesses and large retail stores. It is time for Congress to act," said CSIA president Tim Bennett.

"The continuing absence of a national data security law leaves consumers vulnerable to identity theft and threatens the security of personal data."

Requirements to beef up data security and notify consumers when breaches occur already has bipartisan support in Congress.

Several bills currently under consideration could provide a realistic and effective legal framework for organisations of all sizes.

Around 40 states have varying requirements covering data security and breach notification but the vast majority only address the problem after personal data has been compromised.

"Legislation should require public and private entities to implement strong security measures to prevent breaches before they happen," said Bennett.