February 16, 2018

Congress making progress on NAFCU-sought data security legislation

Reps. Blaine Luetkemeyer, R-Mo., and Carolyn Maloney, D-N.Y., on Friday released NAFCU-sought draft legislation that would create a strong national data security standard for retailers and other entities. NAFCU has led the effort to ensure all entities that hold or collect consumers' personal financial information are held to similar standards as credit unions.

"Ensuring consumers' personal financial information is protected is one of NAFCU's and the credit union industry's priorities," said NAFCU President and CEO Dan Berger. "When data breaches occur, Americans' sense of security is shattered and the burden of making affected individuals whole again usually falls on their financial institution, rather than the breached entity.

"NAFCU and our members sincerely appreciate the work Reps. Luetkemeyer and Maloney are putting in to create a national data security standard that holds retailers and others accountable, and ensures consumers and credit unions are notified of a breach in a timely manner."

The draft bill builds on provisions from the Data Security Act of 2015, which would have created a strong national data security standard for retailers, held them accountable for breaches on their end and recognized credit unions' compliance with the Gramm-Leach-Bliley Act.

NAFCU continues to review the draft legislation and will update members on its progress once it is officially introduced.

Last week, Berger met with Luetkemeyer to discuss data security issues ahead of a House Financial Services subcommittee hearing, of which Luetkemeyer is the chair.