• Home
    Home We Serve America's Restaurants Representing nearly 500,000 restaurant businesses, we advocate for restaurant and foodservice industry interests and provide tools and systems that help members of all sizes achieve success.
  • Foundation
    Foundation Building & Retaining Talent The NRAEF is focused on developing a stronger workforce and building the next generation of industry leaders through education, scholarships and community engagement.
  • Show 2018
    Show 2018 May 19-22, 2018 As the international foodservice marketplace, the National Restaurant Association Show provides unparalleled opportunities for buyers and sellers to come together, conduct business and learn from each other.
  • ServSafe
    ServSafe Minimize Risk. Maximize Protection. For over 40 years, ServSafe® training programs have delivered the knowledge, leadership and protection that have earned the trust and confidence of business leaders everywhere.

National Restaurant Association - NRA joins Iowa association in opposing state PCI data security bill

Skip to navigation Skip to content

News & Research

Share:
Email Print
News RSS

NRA joins Iowa association in opposing state PCI data security bill

The National Restaurant Association recently joined the Iowa Restaurant Association in opposing state legislation codifying the Payment Card Industry Data Security Standards.

The two associations expressed concern over the legislation, which currently is under consideration by an Iowa legislature Senate commerce subcommittee by filing a joint statement outlining some of what they say is wrong with the bill.

“Protecting restaurant customer data is a top priority for our industry as we strive to ensure our customers feel safe and secure patronizing our establishments,” the associations said. “Data security is a serious issue and one that we do not approach lightly. However, there are some significant shortfalls with the current approach to data security espoused by the PCI Council and their data security standards. Lack of any regulatory oversight of these standards has resulted in a system that is harmful to Main Street merchants and, ultimately, our customers.”

Some of the concerns expressed by the associations are tied directly to standards they say are too complex and costly to comply with.

“First and foremost, the standards are overly complex and the procedures to meet compliance … are beyond the typical business skills of most small business owners,” they said. “Our industry has tried to pursue constructive changes to the standards to simplify the compliance process without compromising any security features. However, the PCI Council, made up of banks, bank-owned card processing companies, equipment manufacturers and private data security vendors, has expressed limited receptivity to our proposals. While some individual card brands appear more receptive to alternative solutions for small merchants, the PCI Council, as the governing body of the PCI data security standards, has not.”

The two associations further indicated that even though a number of restaurateurs and other small business operators are willing to comply with the standards, that compliance does not guarantee any liability protections in the event of a breach.

“We know our industry and our members, and this standard is not working for them,” the associations said. “The National Restaurant Association and the Iowa Restaurant Association strongly oppose codifying the Payment Card Industry Data Security Standards. We do acknowledge that data security is a serious issue and our members who are breached are victims of financial and technology crimes. They are not the criminals and, as such, should not be singled out to bear the liability for a criminal action perpetrated against them. … Nor should the victims of a breach be subject to fines and restitution to multibillion dollar corporations who invented the payment system our members are forced to use.”

Conserve RSS Healthcare RSS Conserve RSS

▲ Back to Top

New report

Spot Ad right

We're glad you're here!®

® 2012-2017 National Restaurant Association. All rights reserved.

2055 L St. NW, Suite 700, Washington, DC 20036
(202) 331-5900 | (800) 424-5156