WASHINGTON (1/26/15)--A group of financial trade organizations, including the Credit Union National Association, has written to Congress with a set of principles to serve as a guide for potential data security legislation.
President Barack Obama has spoken of the need for such legislation, and the House subcommittee on commerce, manufacturing and trade will host a hearing this week examining what sound data breach legislation should look like.
CUNA President/CEO Jim Nussle said the joint letter--with credit unions and banks uniting in a single message--serves to underscore the importance that legislative action be taken to plug the gaps in data security rules that apply to merchants.
The letter reads, "Some industries--including the financial industry--are required by law to develop and maintain robust internal protections to combat and address criminal attacks, and are required to protect consumer financial information and notify consumers when a breach occurs within their systems that will put their customers at risk.
"The same cannot be said for other industries, like retailers, that routinely handle this same information and increasingly store it for their own purposes."
The letter is signed by CUNA, the American Bankers Association, the Consumer Bankers Association, the Financial Services Roundtable, the Independent Community Bankers Association, the National Association of Federal Credit Unions and The Clearing House.
The list of principles the organizations believe should serve as a guide when drafting data breach legislation are:
Financial institutions are subject to significant federal requirements regarding protection of information and consumer notification, and they are also subject to federal oversight, examination and sanction authority.
"This extensive legal, regulatory examination and enforcement regime ensures that financial institutions robustly protect American's personal financial information," the letter reads. "In contrast, retailers that accept electronic payments face no similar requirements or oversight, and as a result millions of American consumers' personal financial information has been compromised in recent years."