Bankers inform DATCP Privacy and Security Advisory Committee

The most recent meeting of the Wisconsin Department of Agriculture, Trade and Consumer Protection (DATCP) Data Privacy & Security Advisory Committee continued the exploratory phase of the committee. During the Jan. 28 meeting, Tom Spitz, CEO of Settlers Bank, Windsor, representing the banking industry’s concerns on a panel of experts.

Spitz isn’t the committee’s only source of information regarding the banking industry. Marco Martinez, compliance officer at Associated Bank, currently serves on the committee and ensures other members understand the banking industry’s concerns regarding data privacy and a bank’s role in protecting their customers’ data.

Tom Spitz Marco Martinez

The nearly 30 members of the committee include representatives from a wide variety of consumer groups and a small number of business organizations, including WBA. DATCP plans to facilitate communication across stakeholders and to develop legislation that will address data security and data breach challenges facing consumers and businesses in Wisconsin.

The panel answering questions on Jan. 28 included Spitz; Scott Eganhouse, TEC Mailing Solutions, Bill Caraher, von Briesen & Roper, Chrisann Lemery, CL Consulting, and Scott Helberg, Sentry Insurance. During the meeting, each panelist described how their business approaches data security. Spitz spoke on behalf of Wisconsin’s entire banking industry. “So much of what we do goes beyond what the regulations require,” he said. “Realistically, doing what the regulations require doesn’t seem to cut it anymore. Now, it’s about meeting the expectations of our customers.”

Spitz also explained that security starts with staff. “It’s better to bring your staff up to speed on what it is you are trying to accomplish,” he said. “You can talk about the regs all day; it isn’t going to matter. You need to know what you should do to help and protect your customer.”

The panelists agreed that more legislation isn’t necessarily the solution. It may raise the minimum requirements for businesses, but data security threats transform every day, and no legislation is going to keep up. As one panelist asked: “How prescriptive do you want to be with a law? The law will be there for years, but the technology will be entirely different.”

Spitz put it best when he said, “Banking is built on trust. Everything we do with data security is aimed at protecting our customers and living up to that trust.”

This was a fact-finding session for the committee with members hearing from heavily regulated industries that already have processes in place for data retention and security. Committee members said they found this is to be one of the most informative sessions since the group’s inception.

The next meeting, scheduled for Feb. 25 in Wausau, will be another information-gathering session with the subsequent meetings designed to begin the real work of the committee. The goal is for the Advisory Committee to offer a series of recommendations that will be considered by DATCP late spring 2020.

Advisory Committee Objectives:

  • To identify and research possible changes to Wisconsin state law
  • To determine the efficacy of consumer data privacy initiatives
  • To consider how best to protect and secure information received by public and private entities in Wisconsin
  • To determine the business community’s readiness to adopt potential regulatory enhancements.