Credit unions fully support legislation containing a national data security and privacy standard, CUNA wrote to the Senate Commerce Committee Wednesday for its hearing consumer privacy.

“Credit unions strongly support the enactment of a national data security and data privacy law that includes robust security standards that apply to all who collect or hold personal data and is preemptive of state laws. We firmly believe that there can be no data privacy until there is strong data security,” the letter reads. “With that in mind, credit unions call on Congress to pass a robust national data security standard that would cover all entities that collect consumer information and hold those who jeopardize that data accountable through regulatory enforcement.”

CUNA supports the following principles for federal privacy and data security legislation:

• New privacy and data security laws should keep the Gramm-Leach-Bliley Act (GLBA) intact, as financial services their regulators have developed regulations, guidance and procedures for compliance.
• Any new privacy law should include both data privacy and data security standards.
• The new law should cover all businesses, institutions and organizations.
• Any new law should preempt state requirements to simplify compliance and create equal expectation and protection for all consumers.
• Breach notification or disclosure requirements are important, but these requirements alone
• won’t enhance security or privacy
• Hold entities that jeopardize consumer privacy and security accountable through regulatory
• enforcement
• Recognize this issue for what it is: a national security issue.