
GLBA Compliance

Posted by Ncontracts on Oct 30, 2018 11:50:00 PM

The Gramm-Leach-Bliley Act (GLBA) went into effect in 1999. Also known as the Financial Modernization Act, it mandates that financial institutions explain to customers how they share customers' financial information. To be GLBA compliant, these institutions must tell their customers how they share data and make them aware that they have the right to opt out if they prefer their data not be shared. Specific protections should also be applied to customer data in accordance with a written information security plan created by the institution.

The GLBA protects nonpublic personal information, including Social Security numbers, credit and income history, credit and bank account numbers, phone numbers, addresses and any other information given to the institution that may not be public. Institutions must also create an information security plan describing how they work to protect their customers’ information. The security plan must be tailored to the institution’s size, operations, and complexity as well as the sensitivity of the customer’s information.

To be GLBA compliant, financial institutions must follow these guidelines:

  • They must designate one or more employees to coordinate an information security program.

  • They must identify and assess risks to the customer’s information in the company’s operation and evaluate the effectiveness of the current safeguards in place.

  • They must design and implement a safeguard program that is regularly monitored and tested.

  • They must select service providers that maintain these safeguards and oversee the handling of customer information.

  • They must evaluate and adjust the program as needed according to changes made in the business’s organization or security testing and monitoring procedures.

Being GLBA compliant is not only a necessary part of doing business as a financial institution, but it can also help to gain a customer’s trust and loyalty. Find out more about GLBA compliance by looking up the GLBA Safeguards Rule so you can see how financial institutions work to protect their customers.

 
