Ramping up protections on consumer data has become an immensely popular issue in the wake of the stunning 2017 hack on credit-reporting company Equifax Inc. For example, IT compliance for financial institutions is now stricter than ever before as legislators look to prevent a major hack like the Equifax one from happening again. As such, a slew of bills moving through the Colorado Legislature would strengthen protections for consumer data privacy and give people more power over their credit histories as well as their children’s.
But those measures also threaten to increase corporate compliance costs significantly – and could go as far as preventing employers from doing background checks on job applicants. While we support the strengthening of data laws, we don’t want to see businesses suffer from them.
The Colorado Chamber’s Loren Furman said in her testimony that business leaders are worried about a section of the bill that would require duplicative reporting of information for companies like banks and hospitals that already have extensive reporting requirements to the federal government.
“Look, it’s a priority for all of us that we protect the information of the consumer no matter what,” Furman said. “But why do we have to duplicate that reporting at a state level?”
Wist said that he and Bridges are close to finalizing new language for the bill that states a business would be deemed to be in compliance with the new state reporting law if it already is in compliance with other state or federal reporting laws.
However, he said that he continues to believe the attorney general’s office should have to be notified – and choose to do what it wants with that information – if a massive breach affects consumer records.
Read the complete article by Ed Sealover in the Denver Business Journal.