Database Hacks - Are Banks Required To Notify You?
Ever wonder if banks are required to tell customers when their systems are
hacked? You may be shocked to learn that they are not. The only exception to
this standard has been database hacks that affect California residents.
Companies doing business in California are required to give such notice under
the California Security Breach Information Act. The situation is changing
quickly on the federal level.
Regulations have been issued by federal finance agencies that now force banks
to tell customers when their personal data has been exposed to unauthorized
third parties. The regulations are issued pursuant to the Gramm-Leach-Bliley
Act, which contains language requiring financial institutions to prevent
unauthorized access and use of consumer information.
The new regulations appear to be a reaction to several recent high-profile
data leaks. They include incidents such as Bank of America losing data tapes
containing information for over 1 million government employees and the breach of
databases for LexisNexis and ChoicePoint. It is well known that numerous other
banks have also been hacked over the years, but the information has been hushed
up.
The new regulations require financial institutions to notify account holders
if the institution becomes aware of unauthorized access to sensitive customer
information. The directives apply to banks and savings and loan companies, but
not credit unions.
There are two serious loopholes in the regulations. First, a financial
institution that discovers a database breach must only notify account holders if
it is "reasonably possible" that personal details will be misused. Second, the
regulations only apply to personal data, not business or commercial accounts.
While these new regulations are a positive step, one could drive a truck
through the two loopholes. Determining whether it is “reasonably possible” that
your information will be misused is a vague standard that many financial
institutions will use to withhold information. Put bluntly, the notification
regulations are gutless.
The best method for keeping an eye on database breaches is to look for
stories in the news. Under California law, companies are required to give notice
to California residents when breaches occur. If you see a story about your bank
giving notice of a hack to California residents, your personal information may
have also been exposed. Hackers do not restrict their attacks to California
residents.
Article Source: www.webraydian.com
About The Author
Richard Chapo is an attorney with
http://www.sandiegobusinesslawfirm.com - a law firm providing legal advice
to California businesses. This article is for general education purposes and
does not address every facet of the subject matter. Nothing in this article
creates an attorney-client relationship.