TX, MN push data protection

Share this content:

From misplaced or stolen laptops to the sophisticated penetration of computer networks by teams of hackers, hardly a day goes by without news coverage of a data breach resulting in the compromise of sensitive data.

In the wake of these publicized breaches, two states, Texas and Minnesota, are moving forward with legislation that sets tougher standards for what information can be stored or shared by organizations and establish penalties in the event of a breach. Other states are sure to follow. This legislation ensures direct marketers - with their dependence on credit card transactions and sophisticated customer data - will remain firmly in the crosshairs of both regulators and cyber criminals.

The Texas legislation, HR 59, deals primarily with measures state entities must take to safeguard Social Security numbers against disclosure to the public. For direct marketers, the key provision of the bill, currently in the Texas House of Representatives, is its prohibition against using Social Security numbers as all-purpose unique identifiers.

The Minnesota law, however, should be of greater concern to direct marketers. It is the first US law to dictate harsh penalties for organizations that improperly retain credit and debit card information that is subsequently compromised in a data breach. The Minnesota law makes it illegal for any person or entity conducting business to retain certain identifying information from a debit or credit card subsequent to the authorization of the transaction.

If a person or entity violates the above prohibition and there is a breach of the person's or entity's security system, then that person or entity must reimburse the financial institution that issued any cards affected by the breach for the costs of reasonable actions undertaken by the financial institution as a result of the breach to protect the information of its cardholders or to continue to provide services to cardholders, including, but not limited, certain costs incurred in connection with the breach. Although retailers must comply with the law starting August 1, they will not be liable for violations that occur before August 1, 2008.

Direct marketers should ensure that their data-retention practices conform to applicable state and federal laws as well as their agreements with credit card companies. They should also verify and vigilantly maintain the security of their computer networks. Although these compliance efforts are costly in both capital and time, the costs pale in comparison to those of the litigation, legal penalties and loss of sales that could result from a data breach.

As citizens and legislators become increasingly incensed over the proliferation of data breaches, direct marketers and other organizations that handle customer data can only expect data security regulations and the penalties for breaches to become more severe. Anyone who handles credit card transactions will remain a target of both the regulatory and criminal communities for some time to come.


Next Article in Marketing Strategy

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above