News
From theCommittee on Small Business
Subcommittee on Finance and Tax
Melissa Bean, Chairwoman
News
From the
Committee on Small Business
Subcommittee on Finance and Tax
Melissa Bean, Chairwoman
For Immediate
Release
June 7, 2007
CONTACT: Brian Herman (Bean) - (202) 225-3711, Kate Gilman/ Austin Bonner, (202) 225-4038
Committee Examines the Impact of Data Security on Business
WASHINGTON – Melissa Bean (IL-08), Chairwoman of the Small Business Committee’s Finance and Tax Subcommittee, held a hearing today to examine data security issues, their impact on our nation’s entrepreneurs and the role small businesses can play in combating the growing problems surrounding ID theft. As the world becomes increasingly connected through the Internet, cyber crime is escalating, with the potential for worldwide theft and abuse of personal information. Over the past few years, tens of millions of records containing sensitive information have been compromised, leaving small businesses with the arduous task of protecting consumer information while contending with rising insurance costs.
“The issue of protecting customer data is daunting for any business, but is particularly challenging for small firms, which do not have the compliance departments of larger institutions,” Bean, said. “Entrepreneurs focused on their core business are challenged by the cost and complexity of preventing cyber crime and protecting the security of their business and customers.”
Data security breaches can be extremely expensive. A 2005 national survey of close to 10,000 adults who experienced personal data security breaches, found that nearly 20 percent ended their relationship with companies that maintained their data, while 40 percent were thinking about doing so in the future. In addition to this potential loss of customers, the cost of protecting a business against cyber crime is a major burden. Traditional liability insurance does not cover data breaches, making cyber insurance a necessity for full coverage. The high costs of cyber insurance put such coverage out of reach for smaller firms.
“Data security legislation should seek to allow small businesses to maximize the time spent serving and protecting their customers while minimizing regulatory burdens,” Chairwoman Bean said. “If the cost of insurance and regulatory compliance becomes too high, businesses may be forced to raise prices or discontinue product or service offerings, which would harm the very customers we’re trying to protect.”
Currently, financial institutions must comply with regulations under the Graham-Leach-Bliley Act regarding data security. At the same time, 35 states have enacted legislation dealing with the notification of customers, making compliance difficult and time consuming. During the hearing, the subcommittee heard testimony on the need for a clear, uniform security standard, allowing small firms to follow a single set of regulations and mitigate the time and cost associated with the varied levels of rules. Efforts such as this will avoid redundancy, while ensuring the needs of consumers and the business community are taken into account.
###