Data breach notification, BCFP guidance standardization bills advance

Two NAFCU-backed bills advanced out of the House Financial Services Committee Thursday: one that would require data breach notifications for all financial entities, and one to streamline the Bureau of Consumer Financial Protection’s (previously the CFPB) guidance processes.

Subcommittee Chairman Blaine Luetkemeyer, R-Mo., introduced the Consumer Information Notification Requirement Act (H.R. 6743) last week. It would amend the Gramm-Leach-Bliley Act to require a notice of unauthorized access that is likely to result in identity theft, fraud or economic loss by all financial entities – including credit bureaus – akin to what is already in place for financial institutions. In turn, entities with national data standards would be pre-empted from state established standards and notification requirements.

NAFCU and other financial services industry trade groups asked the committee to advance H.R. 6743 – which is a scaled down version of data security legislation Luetkemeyer had been working on – to the full House as an encouraging step toward enacting comprehensive data security legislation.


continue reading »