May 07, 2019

Thaler restates data security needs ahead of Senate hearing

data securityIn advance of the Senate Banking Committee hearing today – the first in a series of hearings to examine what should be included in legislation to establish a national data security standard – NAFCU's Brad Thaler reiterated ways to ensure consumers have control over their data, are notified of breaches in a timely manner, know what data is being collected and how it's used, and how collected data impacts credit score reports.

Today's hearing is set to begin at 10 a.m. Eastern and will focus on privacy rights and data collection. A livestream will be available here.

Thaler, NAFCU's vice president of legislative affairs, previously shared the association's perspective on what should be included in legislation to establish a national data security standard following a request from Senate Banking Committee Chairman Mike Crapo, R-Idaho, and Ranking Member Sherrod Brown, D-Ohio.

In the letter sent Monday, Thaler reiterated the guiding principles NAFCU and credit unions would like to see incorporated in data security legislation, primarily to ensure consumers are informed of what data is retained and how it's protected, timely disclosure of breaches, and that negligent entities are held responsible when a data breach occurs on their end.

NAFCU has long been active with lawmakers on this issue, and was the first group after the massive 2013 Target data breach to call for a legislative solution to reform the nation's data security system. The association continues to stress the need for a data security standard for entities that collect and store consumers' personal and financial information that are not already subject to the same stringent requirements as depository institutions.