Today, the House of Representatives passed the Data Accountability and Trust Act, which sets national standards for the protection of consumer’s personal information like payment card numbers. More government regulation a good thing? Actually in this case it is.

We in the payments industry have been facing a patchwork of at least 40 state breach notification laws, each with varying requirements. The Data Accountablility and Trust Act will clearly preempt those state laws, and create a uniform national standard. Just as importantly, those entities (like merchant acquirers and ISOs) who are already subject to and compliant with more strict or “substantially similar” federal data security statues (like the Graham Leach Bliley Act’s Safeguards Rule or healthcare’s HIPAA) would be deemed in compliance with the standards under the bill.

So, if your firm is a payments industry player, a payments technology company, or anyone else trying to live up to the variety of state rules, this is a tremendous step forward. I recommend supporting the Senate to pass a matching bill so we can get this into law early next year.

You can see more at the Double Diamond Group website, including relevant payments industry news, information on our payments consulting practice, payments industry hot topics and more.

Technorati Tags: , , , , , , , , ,