WASHINGTON (9/20/11)--The Senate Judiciary Committee adopted an amendment late last week to exempt credit unions and other financial institutions that are in compliance with Gramm-Leach-Bliley notification requirements from the data breach notification provisions of a Senate data security bill. That bill, the Personal Data Privacy and Security Act (S. 1151), proposes to establish national standards for data security and data breach notification and already exempted Graham-Leach-Bliley compliant institutions from data security requirements contained in the bill. In advance of the amendment vote, CUNA wrote to the judiciary panel’s leadership and warned, in part, that S. 1151, and a similar pending bill S. 1408, could create an unnecessary duplicative regulatory burden for credit unions. “As you know, credit unions are already subject to very robust data security and data breach notification requirements under the Gramm-Leach-Bliley Act, subject to the supervision and enforcement of the National Credit Union Administration (NCUA) or the state supervisory agencies,” CUNA President CEO/Bill Cheney wrote. “We are concerned that neither S. 1151 nor S. 1408 extends a similar exemption to the bills’ data breach notification requirements. These requirements, if applied to credit unions, would be largely duplicative of current regulatory requirements and increase the cost of compliance to the detriment of credit unions and their members,” the CUNA leader added. Use the resource link to read CUNA’s complete letter.