Newsroom

NAFCU Senior Vice President of Government Affairs and General Counsel Carrie Hunt wrote the leaders of the Senate Banking Committee in advance of its hearing on cybersecurity today, urging them to support a national data security standard for retailers.

"It is critical that sensitive personal information be safeguarded at all stages of transmission. Under Gramm-Leach-Bliley, credit unions and other financial institutions are required to meet certain criteria for safekeeping consumers' personal information," Hunt wrote in a letter to Committee Chairman Tim Johnson, D-S.D., and Ranking Member Mike Crapo, R-Idaho. "Unfortunately, there is no comprehensive regulatory structure akin to Gramm-Leach-Bliley that covers retailers, merchants and others who collect and hold sensitive information."

Hunt also emphasized the importance of legislation ensuring that consumers are told when entities are breached, that they be made aware of retailer data security policies, and that payment for the costs of retailer security breaches fall to the responsible party rather than financial institutions.

The hearing, "Cybersecurity: Enhancing Coordination to Protect the Financial Sector," will feature testimony from representatives from the Treasury Department, the Homeland Security Department, the Office of the Comptroller of the Currency, the U.S. Secret Service, and the FBI.

Hunt also noted NCUA Chairman Debbie Matz's call for retailer accountability for data security breaches on their end and the resulting costs so credit unions and other financial institutions are not left to foot the bill alone.

Matz, during a Metropolitan Area Credit Union Management Association event attended by Berger and other senior staff, also noted the fact that credit unions are held to a national data security standard under the Gramm-Leach-Bliley Act but that retailers are not.