DMA Asks Congress to Pass National Breach Notification Law

On January 30, 2014, the DMA Board of Directors unanimously approved the addition of enhanced data security provisions to DMA's Guidelines for Ethical Business Practice and called on every data-driven marketer to take proactive measures to further enhance data security across the DDME:

• Develop and implement a data integrity and governance program;
• Read and use in all marketing practices the principles and guidance outlined in the updated Guidelines for data security and other marketing practices issues by DMA as part of our public trust with consumers;
• Continue to work through DMA with policymakers to enact a national standard for data breach notification, in keeping with DMA's long-standing support for passing of a federal breach notification law; and
• Work with internal and industry stakeholders to identify additional data security measures and practices to help reduce the risk of data breaches across the DDME.

The data security enhancements to DMA's Guidelines for Ethical Business Practice expand a self-regulatory code that has provided data-driven marketers with generally accepted principles of conduct and formed the basis for industry-wide self-regulatory enforcement for more than forty years. The updates are in the areas of data security, mobile applications, and retailer data. The updated Guidelines speak directly to the issue of data security, recommending that datadriven marketers consider an information management program that addresses Data Minimization, Retention, Access, Use, Communication, Storage and Disposal for all types of data collected and used.