The Senate Committee on Commerce, Science, and Transportation, held a hearing this week entitled “Examining Safeguards for Consumer Data Privacy,” which looked at issues surrounding consumer privacy and data security. While the hearing focused largely on the practices of social media and other tech companies to safeguard consumer information and data, some discussion extended to data security and privacy more generally.
In particular, Senators discussed recently enacted privacy standards in both Europe and California, which aim to increase consumer control over their digital footprint. Both measures have the potential to impact consumer data-intensive industries and businesses – like apartment firms – that use, collect and maintain sensitive consumer data.
The Senate is expected to further examine the issue in the coming weeks as it considers federal legislation that would require greater consumer input into how and when their data is shared and steps that businesses would need to take in the wake of a data breach.
NMHC/NAA are closely monitoring proposals such as these for their potential impact on the multifamily industry and will continue to work with Congress to create a federal data standard that recognizes the unique nature and needs of the rental housing industry while ensuring the data that our members collect, use and maintain is secure.
A number of resources to help secure a firms’ data and bolster its overall cybersecurity posture can be found at www.nmhc.org/data-security. Example resources include an industry white paper/guidance document on cyber security best practices, valuable cybersecurity tools from the Federal Trade Commission, and a sharable guide to “Social Engineering Red Flags” that can help educate employees about cyber pitfalls.
Additionally, NMHC works with the Real Estate Information Sharing and Analysis Center (RE-ISAC) to distribute regular email alerts of malicious cyber activity that could impact multifamily firms, their data or residents. NMHC members can sign up for the cybersecurity notification system to learn of real-time cyber threats.