The US has approved mandatory data breach reporting requirements that impose a 30-day deadline for non-banking financial organizations to report incidents.
The amendment to the Federal Trade Commission’s (FTC) Safeguards Rule, which aims to hold the US finance sector to high cybersecurity standards, will apply to entities including insurance companies, mortgage brokers, payday lenders, and car dealerships.
“Companies that are trusted with sensitive financial information need to be transparent if that information has been compromised,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection.
