Description

---

Credit bureaus play a valuable role in our financial system by helping financial institutions assess a consumer's ability to meet financial obligations and also facilitating access to beneficial financial products and services. The inherent nature of the credit bureau business, as with most businesses in this digital age, requires utmost data security measures to ensure that sensitive consumer information is safeguarded. Recently], Equifax testified about the methods it uses to protect its consumer data bases, such as encryption at rest and tokenization. Former Equifax CEO Richard Smith noted that while some of Equifax's data bases are encrypted at rest, the dispute portal that was compromised was not. Questions remain about the best ways to protect sensitive data, including: Are there data security industry standards and best practices at credit bureaus? Should tools like encryption at rest be employed to protect all data containing sensitive consumer information? What role do financial institutions and Federal agencies play in data security at credit bureaus? Given that credit bureaus are financial institutions under the Gramm-Leach-Bliley Act, how does data security, testing, and oversight by regulators compare to that of traditional financial institutions? There are also many concerns regarding company response to data breaches. The Equifax breach has left more than 145 million consumers a little confused as to what can be done to mitigate damage to their identities and credit.