February 27, 2019

NAFCU urges Senate on data security standard

data securityNAFCU's Brad Thaler, for the second time this week, shared with lawmakers NAFCU's guiding principles to help define key issues credit unions would like to see addressed in any comprehensive data security legislation. NAFCU – a leading advocate for national data security standards – continues to push for the adoption of data and cybersecurity standards for all entities that hold consumers' information.

The Senate Commerce Committee is holding a hearing today on a federal data privacy framework and will examine how Congress can address risks to consumers and implement data privacy protections. Thaler, NAFCU's vice president of legislative affairs, sent the letter to Senate Commerce Committee Chairman Roger Wicker, R-Miss., and Ranking Member Maria Cantwell, D-Wash.

In the letter, Thaler reiterated the association's call for a strong national data security standard, noting that "a major aspect of consumer privacy is ensuring the security of a consumer's financial data."

He also outlined NAFCU's guiding principles for data security legislation, primarily to ensure consumers are informed of what data is retained and how it's protected, timely disclosure of breaches, and that negligent entities are held responsible when a data breach occurs on their end.

NAFCU has long been active with lawmakers on this issue, and was the first group after the massive 2013 Target data breach to call for a legislative solution to reform the nation's data security system.

The House Energy and Commerce Committee held a similar hearing Tuesday; Thaler advocated for credit unions' principles ahead of that hearing as well.