The data security act of 2015: How credit unions benefit
The U.S. House Financial Services Committee recently passed the Data Security Act of 2015. The bill has some positive implications to credit unions and financial institutions, but does present some challenges for state privacy laws and small businesses. The act would establish consistent standards nationwide for data security requirements and data breach notification requirements.Without the act, if a merchant is negligent to upgrade security software to protect cards on file, or a small merchant doesn’t implement necessary security to protect credit and debit card information collected over the internet, in-store, or over the phone, the card issuer is responsible for making the cardholder whole in the case of breach of the cardholder’s data. That is to say, the merchant, the one handling the card data, is not liable for the fraud incurred even if it is under their control. The roll-out of EMV does not address breaches of the millions of card data being stored by merchants. Also when there is a breach, there is no rule that says when or if the breach should be announced, and to whom.Great for Credit Unions. Challenging for Small Businesses.The Data Security Act is written to level the playing field by creating a nationwide standard to address these holes. This is great for credit unions as it potentially decreases the cost of fraud by forcing merchants to meet federal standards while not adding any additional burdens to credit unions. However, it may not be great for small business owners, who may not be aware of, or be able to meet compliance standards. continue reading » 4SHARESShareShareSharePrintMailGooglePinterestDiggRedditStumbleuponDeliciousBufferTumblr