The Gramm-Leach-Bliley Act (GLBA) Compliance
The Gramm-Leach Bliley Act, enacted in 1999, governs the collection and disclosure of consumers’ personal financial information.
This law applies to the following industries:
- Banking and credit unions
- Securities firms
- Insurance companies
- Real estate settlement services
- Mortgage brokers
- Auto dealers
- Debt collections
- Financial and credit counseling
- Money services
- Tax preparers
- Lenders
- Other
The GLBA enforces the Financial Privacy Rule, the Safeguards Rule, and “pretexting” provisions, among the companies above, that are considered “financial institutions,” because they provide financial products and services to consumers.
The Financial Privacy Rule requires covered companies to give their customers privacy notices that explain their information collection and sharing practices. The rule also gives customers the right to limit some sharing of their information, and limits how financial institutions may use that information with respect to direct marketing, telemarketing, emailing and other data handling practices.
The Safeguards Rule requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Safeguards Rule requires institutions and companies that handle personal financial data to have a security plan to protect the confidentiality and integrity of personal consumer information.
The Pretexting provisions of GLBA protect consumers from individuals and companies that obtain their personal financial information for false purposes.
Adhering to GLBA involves understanding your business processes around the collection and maintenance of consumer’s financial data. It also entails understanding your physical security processes as well as IT systems and how consumer data is stored, accessed and maintained within.
For more information on how the consumer is to be protected under GLBA, click here:
http://www.fdic.gov/consumers/consumer/alerts/glba.html
|