The 114th Congress took its first official action on March 25 to address data breaches when a House subcommittee marked up the discussion draft bill the “Data Security and Breach Notification Act of 2015.” Multifamily firms spend a great deal of time and resources protecting their businesses from data breach, and building their brands and reputations, so this is an issue that the industry continues to watch carefully.
The draft bill is sponsored by Representatives Marsha Blackburn (R-TN) and Peter Welch (D-VT) and creates a national data breach notification and security standard. It requires covered entities to notify consumers that a breach has occurred within 30 days of restoring a system’s integrity.
Additionally, the draft legislation would preempt the 47 state laws currently in place to govern how a business must protect consumers’ personal information, as well as the process for notification in the event of a data breach. Some consumer advocates have expressed concern that the national standard would weaken the consumer protections offered by stronger state laws. Supporters of a national standard seek a consistent, uniform standard that applies equally to all industries.
Congressional leaders have indicated that additional data breach and cyber-related proposals will be addressed this year, including legislation to address information sharing and liability protections.
NMHC/NAA encourages member companies to ensure adequate security policies are in place to protect consumer data and thwart cyberattacks as Congress looks to address cybersecurity legislation.
- FTC Commercial Surveillance and Data Security Comment Letter
- Legislation that Creates Federal Data Privacy Standard Advances to Senate
- NMHC NAA Data Privacy Letter to Energy and Commerce Committee
- NMHC NAA Letter on Data Privacy
- Bipartisan Lawmakers Release Federal Data Privacy Bill That Would Have Impact on Multifamily Data Practices