When your organization is part of a data breach as big as Equifax and Marriott, expect to stay in the headlines. Those two corporations continue to be under a congressional review microscope following the incidents that left millions of consumers’ data exposed.
The Senate Permanent Subcommittee on Investigations has been probing these breaches and its members have been vocal about the lack of oversight in protecting people’s personal and financial credentials. Members across party lines called on the organizations to do better to proactively protect their customers’ data. These discussions have also spurred conversations across the financial services industry.
"When hackers are able to obtain someone's personal information, the consequences are real," said Democrat Sen. Tom Carper. "The constant stream of data-breach notifications we see year in, and year out, is a sign we could be doing better."
“I think it’s long past time for us to come to an agreement on a federal data security law that lays out for private industry what we expect from them, both in data protection and in data breach notification,” Carper noted.
This begs the question: "What's next for financial institution data breach regulation?"