Beginning in April 2022, banking organizations and bank service providers will be subject to the shortest regulatory breach notification reporting time frame of any law to date – 36 hours.

Updates on the Evolving Data Protection Landscape
Beginning in April 2022, banking organizations and bank service providers will be subject to the shortest regulatory breach notification reporting time frame of any law to date – 36 hours.
Potentially.
Some consumers may assume that a company owns the payment card-related information that it collects when it accepts payment cards (e.g., credit or debit cards). In order to process payment cards, however, a company typically must enter into a written contract with a payment processor or merchant-bank. Those contracts often specify that payment card-related…