Credit unions are deeply concerned that Americans’ financial wellness is compromised by inconsistent privacy and security standards applied to businesses that possess, process or transport consumers’ nonpublic personal information (NPI), CUNA wrote to the House Financial Services Committee Task Force on Financial Technology Thursday. The task force conducted a hearing on the role of “big data” in financial services, and CUNA’s letter was sent for the record.
The letter notes that, while credit unions and other financial institutions follow requirements of the Gramm-Leach-Bliley Act (GLBA) and view applying those protections to others a “good first step,” there is more that should be done.
“We would prefer that Congress move beyond GLBA and develop a uniform privacy and data security law that regulates data and privacy protections based on the type of data instead of the current sector-specific approach,” the letter reads. “While the sector-specific approach worked well when American’s health and financial information were mainly in the possession of health care providers and depository institutions, Big Data’s insatiable appetite for NPI has made regulation under the current framework difficult at best.”
CUNA prefers Congress move beyond GLBA to “develop a uniform privacy and data security law that regulates data and privacy protections based on the type of data,” instead of a sector-specific approach.
CUNA supports legislation that would: