Guidelines Establishing Standards for Safeguarding Customer Information - OCC

The purpose of this bulletin is to alert you to the joint-agency issuance of the attached final "Guidelines Establishing Standards for Safeguarding Customer Information" and to highlight provisions of these guidelines. The guidelines are mandated by Section 501 of the Gramm-Leach-Bliley Act of 1999 (GLBA), and are effective July 1, 2001. The guidelines affect all national banks, federal branches and federal agencies of foreign banks, and any subsidiaries of such entities (except brokers, dealers, persons providing insurance, investment companies, and investment advisors).1 The guidelines describe the Office of the Comptroller of the Currency's (OCC's) expectations for the creation, implementation, and maintenance of a comprehensive information security program.

BACKGROUND

Section 501 of the GLBA requires the OCC and other federal banking agencies to establish appropriate standards for the administrative, technical, and physical safeguards for customers' "nonpublic personal information." The OCC has done so by issuing guidelines that require each national bank to establish an information security program.
A bank's information security program must be designed to ensure the security and confidentiality of customer information, protect against any anticipated threats or hazards to the security or integrity of such information, and protect against unauthorized access to or use of such information that would result in substantial harm or inconvenience to any customer.