With a new Congress and Administration, most policy experts would have agreed that there was little potential for sweeping new data security or breach notification standards. Yet, it appears that unexpected openings in the Congressional calendar has left room for some activity in the Senate on consumer privacy and cybersecurity. NMHC/NAA is tracking these issues carefully because apartment firms and their third-party service providers regularly collect, use and maintain sensitive financial and personal data about residents, prospective residents and employees that leave them vulnerable to cyber incidents. Currently, NMHC/NAA member companies must comply with a patchwork of 47 different state laws that govern this space.
A centrist working group in the Senate has been trying to hammer out a compromise bill for two years and recently seized upon concerns raised over the Trump Administration actions rescinding broadband privacy regulations. This group includes Democratic Senators Carper, Feinstein, Warner, and GOP Senators Grassley, Thune, and Blunt. The goal of their effort is to put together a compromise data security and breach notification package that could be palatable for the financial, retail, and main street-type industries and provide robust protection for consumers. While a deal has not yet been reached, it appears that discussions will continue over the next month and that bipartisan group could potentially release a draft bill in the near future before being considered by the Senate Commerce & Judiciary Committees.
No substantial action has taken place in the House this year, yet NMHC/NAA continue to raise the issue with both House and Senate leaders and express concerns about any legislation that imposes overly burdensome requirements on businesses without regard to their scope and size. NMHC/NAA continue to work to ensure that any proposal that moves forward recognizes the unique nature and needs of our industry while ensuring the data we use as an industry is secure.
Additional information on data security, including a white paper with best practices, can be found at www.nmhc.org/data-security.
- California Data Privacy Regulations Finalized
- California Privacy Law Enforcement Nears
- NMHC and NAA Letter to the Cyber and Infrastructure Security Agency
- California Releases New CCPA Compliance Guidance – Senator Moran introduces Federal Privacy Standard Legislation
- California Issues Updated Proposed Rules on Privacy