Newsroom
November 06, 2014
Retailers embrace a single breach notification standard
A group of 44 retailer and service industry trade groups on Thursday urged Congress to "focus on the underlying causes of breaches" and noted support for setting a single, national standard for notifying consumers of data breaches.
The letter, sent to Senate Majority Leader Harry Reid, D-Nev., Senate Minority Leader Mitch McConnell, R-Ky., House Speaker John Boehner, R-Ohio, and House Democratic Leader Nancy Pelosi, D-Calif., noted that all parties involved in the payments system, including service providers, financial institutions and any business involved with handling consumer data, should be subject to the same standard.
While NAFCU agrees that notification standards are a good place for Congress to start, it continues to urge that retailers be held to a national standard on data security such as that required of financial institutions under the Gramm-Leach-Bliley Act. Bringing retailers under a similar regulatory framework financial institutions face without creating additional burdens for credit unions, is a key tenet of NAFCU's five-point plan for regulatory relief.
NAFCU has been pressing hard for passage of legislation to set national data security and breach notification standards for retailers that include the identity of the companies and retailers whose data systems were violated allowing consumers to know where their personal information is at risk. NAFCU supports legislation introduced in January by Sens. Tom Carper, D-Del., and Roy Blunt, R-Mo., which would increase requirements for businesses without burdening financial institutions – such as credit unions – already subject to data protection measures.
The association is a member of the Payments Security Task Force, a group focused on enhancing payments system security and includes representatives from payment networks, banks, credit unions, acquirers, retailers, point-of-sale device manufacturers and industry trade groups. It is also a member of the Financial Services Sector Coordinating Council and the Financial Services Information Sharing and Analysis Center, which work on infrastructure cybersecurity.
The letter, sent to Senate Majority Leader Harry Reid, D-Nev., Senate Minority Leader Mitch McConnell, R-Ky., House Speaker John Boehner, R-Ohio, and House Democratic Leader Nancy Pelosi, D-Calif., noted that all parties involved in the payments system, including service providers, financial institutions and any business involved with handling consumer data, should be subject to the same standard.
While NAFCU agrees that notification standards are a good place for Congress to start, it continues to urge that retailers be held to a national standard on data security such as that required of financial institutions under the Gramm-Leach-Bliley Act. Bringing retailers under a similar regulatory framework financial institutions face without creating additional burdens for credit unions, is a key tenet of NAFCU's five-point plan for regulatory relief.
NAFCU has been pressing hard for passage of legislation to set national data security and breach notification standards for retailers that include the identity of the companies and retailers whose data systems were violated allowing consumers to know where their personal information is at risk. NAFCU supports legislation introduced in January by Sens. Tom Carper, D-Del., and Roy Blunt, R-Mo., which would increase requirements for businesses without burdening financial institutions – such as credit unions – already subject to data protection measures.
The association is a member of the Payments Security Task Force, a group focused on enhancing payments system security and includes representatives from payment networks, banks, credit unions, acquirers, retailers, point-of-sale device manufacturers and industry trade groups. It is also a member of the Financial Services Sector Coordinating Council and the Financial Services Information Sharing and Analysis Center, which work on infrastructure cybersecurity.
Share This
Related Resources
Data Privacy Issue Brief
Whitepapers
Data Privacy Issue Brief
Whitepapers
NAFCU Data Privacy Principles
Whitepapers
Compliance Monitor - August 2018
Newsletter
Get daily updates.
Subscribe to NAFCU today.