On May 5, Virginia Governor Terry McAuliffe signed Executive Directive 5 (2015), which requires the state’s technology and finance secretaries, treasurer and comptroller to update Virginia’s main purchasing card program to include advanced chip-and-pin technology by December. The Directive notes that many of Virginia’s political subdivisions and authorities have already converted purchase card programs to […]
Financial Privacy
CFPB’s Final Rule Allows Online Privacy Notice Posting In Certain Circumstances
The Consumer Financial Protection Bureau (CFPB) recently published a final rule regarding annual privacy notices from financial institutions to their customers. The rule allows financial institutions that limit their consumer data-sharing and meet other requirements to post their annual privacy notices online rather than delivering them individually. Under the Gramm-Leach-Bliley Act (GLBA), financial institutions generally […]
European Data Protection Supervisor Releases Guidelines on Data Protection for Financial Services Regulation
The European Data Protection Supervisor has released guidance to European financial services regulators to help them analyze data protection and privacy in the financial services arena. The guidance sets forth a 10-step methodology to “facilitate policymaking which respects the fundamental rights and freedoms in the [EU Charter of Fundamental Rights] and in particular the rights […]
PCI Security Standards Council Publishes Third-Party Security Assurance Guidance
The Payment Card Industry Security Standards Council (PCI-SSC) today released recommendations for meeting the PCI Data Security Standard (PCI-DSS) when sharing cardholder data with third party service providers. PCI-DSS requires a merchant or other entity in entrusted with cardholder data to ensure that cardholder data continues to be protected when it is provided to a […]
U.S. Treasury Secretary Lew Emphasizes Cyber-Risks for Financial Institutions
In remarks delivered earlier this month, U.S. Treasury Secretary Jacob Lew highlighted the dangers of “cyber intrusions” to financial institutions. Secretary Lew cited more than 250 cyber attacks against U.S. banks and credit unions since 2011, as well as recent hacks and credit card thefts against major retailers. “Cyber attacks on our financial system represent […]