WASHINGTON (2/12/14)--Is your credit union preparing for the increasing threat posed by data breaches? In the event of a breach, notifying members is always a good first step, the Credit Union National Association's CompBlog noted in the latest CompBlog Wrap-Up.
Part 748 of National Credit Union Administration regulations only require credit unions to notify regulators and affected members after a breach involving member information systems maintained by a credit union or its contracted service providers. So, a merchant breach would not trigger a Part 748 member notification, CUNA explained.
"Nevertheless, notifying affected members is still a good idea, both to protect the member and the credit union from fraudulent card usage," CUNA said.
Many credit unions have alerted their members through mail and e-mail following the Target data breach, posted information on their websites and educated members on the steps they can take to protect themselves. CUNA emphasized that these efforts are still ongoing.
There are 46 states that have their own data breach notification laws, and state leagues will have information on any specific actions that are required by state law, the blog post added. (For a state law list compiled by the National Conference of State Legislatures, use the resource link.)
CUNA Mutual Group has also released a series of tips to help credit unions mitigate the risks posed by data breaches. Tips include:
For more compliance gems, use the resource link.