WASHINGTON—NAFCU is again urging Congress to deliver a national data security standard, arguing that not having one in place "creates risk, as bad actors often target those companies who do not have high security standards."
"While depository institutions have had a national standard on data security since the passage of the Gramm-Leach-Bliley Act (GLBA) over two decades ago, other entities who handle consumer financial data do not have such a national standard," wrote 's Brad Thaler, NAFCU's vice president of legislative affairs, ahead of a Senate Judiciary subcommittee hearing.
"…Along those same lines, we also believe that there is a need for a uniform national consumer data privacy standard as opposed to a patchwork of standards stemming from different state data privacy laws," Thaler added. "Such a standard should recognize what has been in place and is working for consumers, credit unions and others under existing laws such as the GLBA."