The Independent Community Bankers of America (ICBA) is encouraging Congress to require all entities handling personal information safeguard such similarly
to how it is protected at financial institutions.
ICBA officials recently forwarded correspondence to the Senate Banking Committee, noting privacy standards like those mandated under the Gramm-Leach-Bliley Act should apply to third-party contractors, credit bureaus such as Equifax, retailers and other non-bank entities with access to personal information and federal regulators themselves.
In order to most effectively secure customer data and protect consumer privacy, all entities that store or process sensitive personal information or have access to customer financial information should be subject to standards such those created by the Gramm-Leach-Bliley Act.
“Community banks and other financial institutions are required by statute and regulation to safeguard personally identifiable information,” Rebeca Romero Rainey, ICBA president and CEO wrote in a letter to Senate Banking Committee chairman Mike Crapo (R-ID) and ranking member Sherrod Brown (D-OH). “To ensure consumers receive enhanced protection of their personal information, all entities that handle personal information should be required to safeguard this information, in a manner comparable to financial institutions.”
The ICBA letter also calls for non-bank entities that access customer account information to be held responsible for ensuring the security of the customer information they are accessing and liable for any data breach and consumer harm they cause.