CUNA pushes for legislation to protect personal information

CUNA, along with trade associations from a broad spectrum of stakeholders, sent a letter to Chairman Walden and Chairman Latta in support of federal legislation to protect personal information and,  in the event of a data breach that could result in identity theft or other financial harm, ensure consumers are notified in a timely manner. The letter […]

CUNA, along with trade associations from a broad spectrum of stakeholders, sent a letter to Chairman Walden and Chairman Latta in support of federal legislation to protect personal information and,  in the event of a data breach that could result in identity theft or other financial harm, ensure consumers are notified in a timely manner.

The letter outlined the elements that should be included in future legislation:

  • A flexible, scalable standard for data protection that factors in (1) the size and complexity of an organization, (2) the cost of available tools to secure data, and (3) the sensitivity of the personal information an organization holds, as well as guarantees that small organizations are not burdened by excessive requirements.
  • A notification regime requiring timely notice to impacted consumers, law enforcement, and applicable regulators when there is a reasonable risk that a breach of unencrypted personal information exposes consumers to identity theft or other financial harm.
  • Consistent, exclusive enforcement of the new national standard by the Federal Trade Commission (FTC) and state Attorneys General, other than for entities subject to state insurance regulation or who comply with the Gramm-Leach-Bliley Act or the Health Insurance Portability and Accountability Act of 1996/HITECH Act. For entities under its jurisdiction, the FTC should have the authority to impose penalties for violations of the new law.
  • Clear preemption of the existing patchwork of often conflicting and contradictory state laws.

CUNA will continue to work with Congress and other trade associations to ensure any legislation enacted into law must guarantee that all entities that handle consumers’ sensitive financial data have in place a robust – yet flexible and scalable – process to protect data, which must be coupled with effective oversight and enforcement procedures to ensure accountability and compliance.

Written by
admin
View all articles

About Us

The League of Southeastern Credit Unions & Affiliates represents nearly 300 credit unions throughout Alabama, Florida, and Georgia. It has a combined total of almost $200 billion in assets and 12.4 million members. LSCU provides advocacy, compliance services, education and training, cooperative initiatives, and communications.

Social Channels

Follow us on all major social media platforms.

Newsletter

Make sure to subscribe to our newsletter and be the first to know the news.