Gramm-Leach-Bliley Act
The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data. The GLB Act includes the Financial Privacy Rule, the Model Form Rule, the Safeguards Rule, and provisions that prohibit pretexting.
Featured
Copier Data Security: A Guide for Businesses [PDF]
Does your company keep sensitive data — Social Security numbers, credit reports, account numbers, health records, or business secrets? If so, then you’ve probably instituted safeguards to protect that information. Your information security plans also should cover the digital copiers your company uses.
Financial Institutions and Customer Information: Complying with the Safeguards Rule [PDF]
Under the Safeguards Rule, financial institutions must protect the consumer information they collect. Learn if your business is a “financial institution” under the Rule. If so, have you taken the necessary steps to comply?
Getting Noticed: Writing Effective Financial Privacy Notices [PDF]
Financial institutions are required to explain their privacy practices and tell consumers their rights. An effective privacy notice – one that encourages feedback, is easy to read, and uses graphics – can enhance confidence and trust. Are you communicating effectively with your customers?
How To Comply with the Privacy of Consumer Financial Information Rule of the Gramm-Leach-Bliley Act [PDF]
Financial institutions covered by the Gramm-Leach-Bliley Act must tell their customers about their information-sharing practices and explain to customers their right to "opt out" if they don't want their information shared with certain third parties. Is your company following the requirements of the Privacy Rule?
In Brief: The Financial Privacy Requirements of the Gramm-Leach-Bliley Act [PDF]
The Gramm-Leach-Bliley Act requires many companies to give consumers privacy notices that explain the institutions' information-sharing practices. Do your privacy notices give a clear, conspicuous, and accurate statement of the company's practices?
Information Compromise and the Risk of Identity Theft: Guidance for Your Business [PDF]
These days, it is almost impossible to be in business and not have personally identifying information about your customers or employees. If this information falls into the wrong hands, it could put them at risk for identity theft. Find out the steps to take and who to contact if sensitive data is compromised.
Interagency Notice Research Project and Model Form Rule
The FTC, FRB, OCC, FDIC, SEC, NCUA, OTS, and CFTC have completed an interagency notice research project and rulemaking. The goal of the project was to develop, through consumer testing, privacy notices that consumers can understand and use to compare financial institutions’ information collection and sharing practices.
Peer-to-Peer File Sharing: A Guide for Business [PDF]
Most businesses collect and store sensitive information about their employees and customers. If you use Peer-to-Peer (P2P) file sharing software in your business, consider the security implications and minimize the risks associated with it.
Security Check: Reducing Risks to Your Computer Systems [PDF]
It’s just common sense that any company or organization that collects personal information from customers or employees needs a security plan. Learn more about designing and implementing a plan tailor-made to your business.
The FTC's Privacy Rule and Auto Dealers: FAQs [PDF]
Auto dealers that extend credit, arrange financing or leasing, or give financial advice must notify customers about the information they collect, who they share it with, and how they protect it. Are you following the rules of the road?
