Washington ? Legislatures in more than two dozen states are considering ways to give consumers more control over personal information that is collected and sold by private firms, but many of the proposals are drawing fire from financial services companies.

Bills are on the table in 28 states responding to a series of high-profile security breaches at information brokers, banks and universities that so far this year have resulted in more than 1 million Social Security numbers, driver’s license numbers, names and addresses falling into the hands of potential identity thieves.

In the most recent case, a medical group in San Jose announced Friday that records on roughly 185,000 current and former patients may have been exposed after two of its computers were stolen.

The state activity is being closely tracked on Capitol Hill, where several House and Senate members have introduced or are preparing identity theft legislation.

Generally, the various state bills do not target how thieves are obtaining data, through hacking, fraud or other means. But consumer groups and privacy advocates, who are championing many of the initiatives, say they would help shield consumers from the havoc and damage that identity theft can cause.

One group of bills would allow consumers to “freeze” their credit reports so that sensitive data could not be given out to anyone without permission from the individual each time the data were requested.

Identity thieves often strike by obtaining a piece of private information, such as a Social Security number, and then using it to establish credit and make purchases.