February 18, 2014

Breach notification need underscored in report

Feb. 19, 2014 – NAFCU-supported legislation that includes a national breach notification standard was highlighted in a Washington Post article Monday that points out retailers do not have a unified approach to alerting customers when a breach has occurred.

NAFCU supports S.1927, the "Data Security Act of 2014," recently introduced by Sens. Tom Carper, D-Del., and Roy Blunt, R-Mo. The bill, addressed in the Post article, is the only bipartisan effort providing a comprehensive national framework for data security, notes NAFCU Vice President of Legislative Affairs Brad Thaler. The bill also provides a Gramm-Leach-Bliley Act carve-out – a measure that NAFCU deems essential in any new data security package.

Retailers have noted support for a national standard for data breach notification, though the industry as a whole has yet to endorse any specific bill that would require it.

Data security is a key element of NAFCU's five-point plan for regulatory relief, rolled out in February 2013. NAFCU, the first financial trade group to call for increased data security standards for retailers following the Target Corporation breach, continues to press Congress to pass legislation setting national data security standards.