Sunday, March 4, 2018
Financial Trades Write House Leaders on Data Breach Notification Legislation
Seven financial trade organizations wrote to House leaders on February 28 underscoring the need for businesses across all industries to be held to the same data protection and breach notification standards currently adhered to by regulated financial institutions.
The associations expressed support for draft legislation released by Reps. Blaine Luetkemeyer (R-Mo.) and Carolyn Maloney (D-N.Y.) that would create a level playing field of nationally consistent data protection standards and post-breach notification requirements. This bill would not create duplicative standards for financial institutions which are already subject to robust standards, but rather extend similar expectations to other sectors that handle consumer data.
However, this exclusion of banks and credit unions from duplicative notification requirements has been the target of recent negative campaigns circulated by the National Retail Federation and the Retail Industry Leaders Association, which incorrectly suggest that banks and credit unions do not notify customers of breaches on their computer systems and call once again for universal "chip and PIN." The ads from the retailer groups also mischaracterize and exaggerate the share of data breaches occurring at banks and credit unions.
The financial trades refuted the notification assertion, noting that “banks and credit unions have long been subject to rigorous data protection and breach notification practices for financial institutions to follow,” and that in the event of a data breach, banks and credit unions work continuously to communicate with customers, reissue cards and enact measures to mitigate the effects of fraud. They added, however, that “no solution will work unless everyone has an obligation to take these steps.”
The letter was signed by the American Bankers Association, Consumer Bankers Association, Credit Union National Association, Financial Services Roundtable, Independent Community Bankers of America, National Association of Federally-Insured Credit Unions, and The Clearing House.
Read the letter.
The associations expressed support for draft legislation released by Reps. Blaine Luetkemeyer (R-Mo.) and Carolyn Maloney (D-N.Y.) that would create a level playing field of nationally consistent data protection standards and post-breach notification requirements. This bill would not create duplicative standards for financial institutions which are already subject to robust standards, but rather extend similar expectations to other sectors that handle consumer data.
However, this exclusion of banks and credit unions from duplicative notification requirements has been the target of recent negative campaigns circulated by the National Retail Federation and the Retail Industry Leaders Association, which incorrectly suggest that banks and credit unions do not notify customers of breaches on their computer systems and call once again for universal "chip and PIN." The ads from the retailer groups also mischaracterize and exaggerate the share of data breaches occurring at banks and credit unions.
The financial trades refuted the notification assertion, noting that “banks and credit unions have long been subject to rigorous data protection and breach notification practices for financial institutions to follow,” and that in the event of a data breach, banks and credit unions work continuously to communicate with customers, reissue cards and enact measures to mitigate the effects of fraud. They added, however, that “no solution will work unless everyone has an obligation to take these steps.”
The letter was signed by the American Bankers Association, Consumer Bankers Association, Credit Union National Association, Financial Services Roundtable, Independent Community Bankers of America, National Association of Federally-Insured Credit Unions, and The Clearing House.
Read the letter.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment