2018 Hill Agenda Includes a Hard Look at Data Security
Although past legislative efforts to address data security and breach notification requirements have fallen short, there is a growing, bipartisan consensus that something must be done which could make cybersecurity a priority issue in 2018. The House and Senate held numerous oversight hearings in 2017 and lawmakers have released a variety of competing proposals to bolster data security and breach notification requirements.
The Senate Commerce, House Energy and Commerce and House Financial Services Committees hold jurisdiction over the issue and their members are looking to forge a sensible path forward. NAA/NMHC have engaged in early discussions with members of these committees to share insight into how the industry uses consumer data and how it protects it.
Currently, multifamily companies, many of which own or operate properties in a variety of states, must comply with a patchwork of 48 different state laws that address data security and privacy. Given the complexity of this regulatory framework, apartment firms would benefit from efforts to lessen the compliance burden that a national approach could provide. Additionally, while multifamily owners and operators strongly support efforts to safeguard a consumer’s personal information, NAA/NMHC continue to express concerns about any legislation that imposes overly burdensome requirements on businesses without regard to their scope and size.
NAA/NMHC have also expressed the industry’s concerns about the nature of mandatory security standards, disclosure thresholds, the notification process and liability. NAA/NMHC will continue to work to ensure that any cybersecurity proposals recognize the unique nature and needs of the multifamily industry while ensuring the data our members use is secure.