House Bill Would Create Financial Data Breach Notification Standard

Capital, House of Representatives, Congress, Senate

A bill introduced by Rep. Blaine Luetkemeyer, R-Mo., chairman of the House Subcommittee on Financial Institutions and Consumer Credit, on Sept. 7 aims to create a national standard for financial institutions to notify consumers of data security breaches.

The congressman noted the timing of the bill’s introduction at the one-year anniversary of Equifax’s disclosure of a data breach that impacted the personal data of more than 140 million people, which he called “an astounding violation of consumer trust.”

“Data security is a challenging and constantly evolving issue, but consumers across the nation need a robust federal data security standard,” Rep. Luetkemeyer said in a statement. “The American people deserve better data security standards, and my bill will give financial institution customers the peace of mind they need,” he said.

The legislation–entitled the Consumer Information Notification Requirement Act–would amend the Gramm-Leach-Bliley Act to require financial institutions to issue breach notices “in the event of unauthorized access that is reasonably likely to result in identity theft, fraud, or economic loss.” Banks would be covered, along with non-banking financial institutions “to the extent appropriate and practicable,” according to the bill’s language.

The bill does not appear to have companion legislation in the Senate, and its chances for becoming law in the short term are unlikely in the current session of Congress.

Recent