WASHINGTON (9/15/11)--Pending Senate data breach legislation may “create an unnecessary duplicative regulatory burden for credit unions,” the Credit Union National Association (CUNA) has warned in a letter sent to members of the Senate Judiciary Committee ahead of today’s scheduled markup session. The markup session will focus on S. 1151, which would establish national standards for data security and data breach notification, and S. 1408, which would establish a data breach notification standard similar to the requirements of S. 1151. CUNA in the letter noted that “credit unions are already subject to very robust data security and data breach notification requirements under the Gramm-Leach-Bliley Act, subject to the supervision and enforcement of the National Credit Union Administration or the state supervisory agencies.” The national standards proposed by S. 1151 and S. 1408 ”would be largely duplicative of current regulatory requirements and increase the cost of compliance to the detriment of credit unions and their members,” the letter adds. The role credit unions take in protecting their members’ personal financial information was also covered in the letter. “Credit unions often absorb not only the actual costs, but also the reputational costs, associated with data breaches caused by merchants and other entities, notifying the member that a breach has occurred, canceling and reissuing debit and credit cards exposed during the breach, and monitoring accounts for fraudulent activity that may have occurred as a result of the breach,” CUNA said. Noting that many of these actions are taken by credit unions to help their members deal with merchant mistakes or neglect, CUNA also encouraged the legislators to consider adding language that would require the entity that is subject to a data breach cover fraud and other costs associated with the data breach. “There may be no better enforcement mechanism to ensure merchant compliance with data security standards than to make it clear that they will pay the costs of those affected by their negligence, including credit unions and their members,” the letter said. For the full letter, use the resource link.