Telecommunications and cable TV providers that provide phone service will soon be required to notify you if your personal information was compromised in a data breach, under a Federal Communications Commission directive that takes effect on March 13.

The application, which was posted on Monday, broadens the definition of personal information that requires disclosure. Prior to this legislation, corporations were only required to notify you if you were affected if it concerned customer information such as your phone bill or use costs. The new requirements include your name, government-issued ID numbers, email, passwords, and biometric information such as fingerprints or an eye scan. The filing was discovered by Bleeping Computer.

READ MORE: Netflix To The FCC: Large ISPs Possess Anti-Competitive Interconnection Clout

Companies have 30 days to share the information, unless law enforcement intervenes. They must also notify federal agencies within seven days of any breaches affecting 500 or more people, or if the number cannot be ascertained.

The regulation reinforces FCC guidelines established in December. They also mark the first modification to breach notification regulations in 16 years, reflecting an environment in which data breaches are becoming more regular.

READ MORE: The FCC Proposes New Rules To Protect Consumers Against Cable And Streaming Blackouts

The definition of a breach has also been widened to encompass the unintended usage of consumer information, so it no longer refers just to malevolent intrusions.