For more information, contact 

Maryland: Tell Your Legislators to Protect Consumer Data

The chief responsibility of credit unions and banks is to protect consumers’ money and personal information. For 20 years financial institutions have met the stringent data security standards required by the Gramm-Leach-Bliley Act. However, other entities that collect and process consumer information are not held to the same standards, putting sensitive personal data at risk and leaving consumers vulnerable.


Data breaches impact credit unions in a unique way due to our member-owner structure. Members are potentially affected both as an individual and as an owner. 


The Maryland Consumer Financial Protection Act of 2019 was recently introduced by the Maryland legislature. Credit unions have been working on the bill for 3 years with lawmakers and other stakeholders to create stricter and more consistent notification standards and to strengthen accountability standards.


We need your help to let state lawmakers know how credit unions feel regarding the following:


  • Remove the current ambiguity in the law that requires companies to complete an internal investigation prior to the established 45-day notification window for a data breach.

  • Instead, retain the 45-day notification window with the provision, “following the discovery of a data breach, unless law enforcement directs the business to delay notification.”


  • Provide credit unions and other financial institutions with the ability to recover costs through civil legal action against business entities and vendors that are breached and negligence is determined to be the cause of the breach.

You can review the entire bill here.