In November 2018, Senators John Kennedy (R-LA) and Marco Rubio (R-FL) introduced the Small Business Credit Protection Act, which sought to provide protection for small businesses from data breaches. The bill came about in the wake of the Equifax data breach. The Small Business Credit Protection Act A quick summary of the Small Business Credit Protection Act highlights what the bill proposes. It says that the Fair Credit Reporting Act (FCRA) and various state laws give consumers certain rights when it comes to their credit. Congress even amended the Fair Credit Reporting Act to enhance the protection offered to consumers after the Equifax data breach that saw over 143 million personal data accounts hacked. Senators Rubio and Kennedy believe that small businesses in America don't enjoy the same level of protection. The FCRA excludes business credit from the same protections granted to consumers. Small businesses’ nonpublic information was part of the data exposed during the breach. The changes to further protect consumers from these breaches didn't extend to small businesses and sensitive information. Additionally, businesses don't get free credit reports from the credit reporting agencies like consumers do. Businesses have to pay anything between $40 and $100 to get their credit reports. The Small Business Credit Protection Act would direct all credit bureaus to do the following: \tInform small business owners within 30 days if their nonpublic personal data has been subject to a breach \tNot charge small businesses for their credit reports within 180 days following a data breach The bill seeks to hold credit bureaus accountable for any data breaches that may harm small businesses. Senators Kennedy and Rubio concur that while a lot has been done to protect consumers from such breaches, not enough has been done to protect small businesses. Why is the Small Business Credit Protection Act Necessary? Small businesses need protection against data breaches just as consumers do. The Fair Credit Reporting Act is comprehensive and takes into great account the rights of the individual consumer. For example, the FCRA lays out the parameters and standards for the kind of information included in a credit report. It also designates several other fundamental rights such as: \tThe consumer has the right to know what is in their file. \tThe consumer has the right for 1 free file disclosure per year from the major credit bureaus. \tThe credit reporting agencies must verify the accuracy of a consumer's credit report. \tThe consumer has the right to be notified if they’ve been denied credit. \tThe consumer has the right to challenge and correct any information that they deem incorrect or false in their report. \tThe consumer can remove outdated or negative information that is more than 7 years old and 10 years old in the case of bankruptcy. Originally passed in 1970 to ensure fairness, accuracy and consumer protection, the FCRA has been amended several times to increase protection given to consumers. Small businesses also use credit but are not afforded the same protections. The Small Business Credit Protection Act is similar to the Fair Credit Reporting Act but is intended for small businesses. Even though the act can't stop these breaches from happening, it does give small business owners more rights. It puts them in a better position to protect their credit and their sensitive information. How did the Equifax Hack Affect Small Businesses? The Equifax data breach of 2017 — possibly the main catalyst that necessitated the need for a Small Business Credit Protection Act — affected over 143 million Americans. Sensitive information was stolen such as: \tSocial Security numbers \tHome addresses \tPhone numbers \tTax identification numbers \tEmail addresses \tAdditional license information All of this data became available to hackers who could use it to commit identity theft or sell it to people who would use it for the same purpose. Unfortunately, very little has been said about how the breach affected business owners who were also hacked. The Equifax breach affected business owners by: \tCausing business owners a lot of stress. One of the main reasons why a lawsuit was brought against Equifax following the massive data breach of 2017 is because many business owners spent countless hours worrying about identity theft stemming from the information that was stolen. As a business owner, you may agree that you have a lot on your plate. Having to worry about your credit probably adds a lot of stress and takes time when you would probably rather be focusing on your business. \tExposing businesses to potential losses. If a hacker gets their hands on your sensitive data, your accounts could be compromised. Someone could choose to max out your business credit card or fraudulently apply for loans, possibly leaving your business responsible to pay everything back or ruining your business credit score. While it's true that you can challenge these actions, the truth is that this can take a lot of time. While waiting for a resolution, your business operations may be hampered, resulting in additional losses. The Small Business Credit Protection Act seeks to make it easier for you to handle fraudulent activity. Without this bill, it can be difficult for business owners to keep close tabs on their credit reports because they are not as easily accessible as they are for consumers. This bill will offer some relief to small business owners since they will be alerted if a similar breach occurs. They wouldn't be charged for their credit reports, making it easier to stay on top of things. It may save small business owners a lot of stress and allow them to focus more on business operations.