IT Support and Hardware for Clinics
38.4K views | +1 today
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...!

Obama to push for data breach law requiring companies to report hacks

Obama to push for data breach law requiring companies to report hacks | IT Support and Hardware for Clinics |

President Barack Obama wants Congress to pass legislation requiring companies to inform customers within 30 days if their data has been hacked, a move that follows high-profile breaches at retailers including Target, Home Depot and Neiman Marcus.

A White House official said Obama will announce the proposed legislation on Monday, along with a measure aimed at preventing companies from selling student data to third parties and from using information collected in school to engage in targeted advertising.

Obama’s proposals are part of a White House effort to preview components of the president’s State of the Union address in the lead-up to the 20 January speech. The official, who insisted on anonymity, was not authorized to discuss the proposed legislation by name ahead of Obama’s speech at the Federal Trade Commission.

If passed by Congress, the Personal Data Notification and Protection Act could require US companies to notify customers within 30 days of their personal information being compromised. Recent hackings have exposed the lack of uniform practices for alerting customers in the event of a breach.

The legislation would also make it a crime to sell customers’ identities overseas.

After holding his first meeting of the new year with the top leaders in Congress on Tuesday, Obama will discuss cybersecurity, including ways of getting the private sector and federal government to voluntarily share more cybersecurity information. He’ll do so at the National Cybersecurity and Communications Integration Center, a part of the Department of Homeland Security that shares information among the public and private sectors.

Obama’s focus on cybersecurity follows the recent hack of Sony Pictures Entertainment Inc. The president and other senior administration officials blame North Korea for the crippling attack, which disclosed confidential company emails and business files and included threats of terror attacks against US movie theaters until Sony agreed to cancel the Christmas release of its film The Interview. The comedy depicts an assassination plot against North Korean leader Kim Jong-un.

In addition to the customer notification legislation, Obama will also ask lawmakers to pass the Student Digital Privacy Act. The measure would prohibit companies from selling student data to third parties, a move spurred by the increased use of technology in schools that can scoop up personal information.

The White House official said the proposed bill is based on a California statute.

It’s unclear whether the new Republican-led Congress will take up either of Obama’s legislative proposals.

No comment yet.!

Data breaches hit credit unions harder than big banks

Data breaches hit credit unions harder than big banks | IT Support and Hardware for Clinics |

Data breaches at retailers such as Target (NYSE: TGT), Home Depot (NYSE: HD), Staples (Nasdaq: SPLS) and others have a chilling effect on credit unions member services, said Credit Union National Association President and CEO Jim Nussle.

In town for the Western state credit union CEO meetings in Scottsdale, Nussle said that the cost of securing customers' privacy after those breaches has to be picked up by the nonprofit financial institutions.

"Data breaches are one of the two most important issues we want to bring to Congress' attention," Nussle said. "We have to pay first and then wait to see how we're going to get reimbursed. This needs to change for small organizations like credit unions and for community banks, too."

Nussle and Scott Earl, Mountain West Credit Union Association president and CEO, both agreed that the constituent impact is serious.

"I talked with a CEO of a credit union that had to reissue cards three times last year," said Nussle. "They must have had customers that shopped at Target, Home Depot and Jimmy John on the same day."

Earl said that the data breach issues is a serious cost.

"We're not seeing a way to recoup the costs in time and expense for dealing with the breaches to protect our members. Those costs come out of funds we can use to provide member services," he said.

In 2013, Desert Schools Credit Union had to reissue 40,000 ATM and credit cards after the Bashas' data breach, according to Vice President of Marketing Cathy Graham.

The cost was not just for replacement credit cards, but the big hit was the dollars in fradulent activity and the amount of reimbursement to members. Graham reported that Desert Schools became proactive, and deployed new technologies to monitor accounts. With these systems in place on an account-by-account basis, 2014 data breaches resulted in far fewer cards needing to be reissued.

CUNA, which represents 90 percent of the 6,700 U.S. credit unions, plans to take the issue to Congress and seek legislation to protect members' values.

Credit unions are also facing impacts from the Dodd-Frank legislation, said Nussle and Earl.

"Even though most credit unions are under the $10 billion threshold they still need to adapt the same kinds of record-keeping as large banks," said Earl. "This is especially true with mortgage paperwork. The volume of paperwork and the cost is astounding."

No comment yet.