Implementing Information Safeguards Under Gramm-Leach-Bliley

GLBA

The Gramm-Leach-Bliley Act (GLBA) contains a rule, known as the Safeguard Rule, under which the Federal Trade Commission and other federal agencies have established standards for financial institutions relating to administrative, technical, and physical safeguards for customer information. The objectives are to ensure the security and confidentiality of customer records and information, protect against threats or hazards to the security or integrity of such records, and protect against unauthorized access to or use of such records that could result in substantial harm or inconvenience to any customer.

The rule requires financial institutions to develop, implement, and maintain a comprehensive information security program that contains administrative, technical, and physical safeguards. As part of its program, each financial institution must designate an employee or employees to coordinate its information security program. They must identify internal and external risks to the security, confidentiality, and integrity of customer information and assess the adequacy of safeguards, assure that contractors or service providers are capable of maintaining appropriate safeguards for customer information, and adjust the information security program in light of developments that may materially affect the entity's safeguards.

> Read entire article (log in required - registration is free)