Close Close
Sign In
Newsletters
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards
Podcast Center Video Center Webcasts Resource Center Events
About ThinkAdvisor Contact Us Advertise With Us Asset & Logo Licensing Sitemap Terms of Service Privacy Policy Copyright © 2024 ALM Global, LLC. All Rights Reserved.
ThinkAdvisor

Retirement Planning > Social Security

Panel OKs Data Measure

By Arthur D. Postal

X
Your article was successfully shared with the contacts you provided.

Members of the U.S. House Financial Services Committee voted 48-17 Thursday to approve H.R. 3997, a bill that could affect how insurers respond to breaches of customer data security.

The bill, the Financial Data Protection Act of 2005, continues to face attacks from some Democrats, who want to strengthen protections for individuals affected by breaches of data security.

The American Council of Life Insurers, Washington, also is expressing concerns about H.R. 3997.

H.R. 3997 does not provide a clear, preemptive standard for life insurers with respect to investigation and notice of security breaches, the ACLI says.

“Clarity and uniformity are vital in this area,” says ACLI Jack Dolan. “Unfortunately, the legislation may open the door to various approaches in the states to when investigations of potential data breaches need to be launched, and when consumers need to be notified. ACLI does not think it wise for consumers in one state to enjoy protections unavailable to consumers in another state.”

Variations in state data security rules could also raise costs for insurers, Dolan says.

Several Senate committees share jurisdiction over data security. The Senate Banking Committee says it will take up the issue this spring.

H.R. 3997 establishes the investigation and notification process that insurers and other financial service companies would have to follow after learning of a data breach. Affected companies would have to warn customers, law enforcement agencies and credit-reporting agencies when there was a breach.

Under language hammered out in the past week by congressional staff, the bill had required investigations and notification when the unauthorized use of data was likely to result in “substantial harm or inconvenience” to consumers.

Insurers were successful in modifying the manager’s amendment to remove the word “substantial” from language in the provision referring to what would trigger notification procedures and other safeguards for consumers.

The insurance industry also defeated efforts to provide state attorneys general with enforcement authority, weaken overall preemption, and remove the preemption applicable to credit freezes.

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.