The Gramm-Leach-Bliley Act (GLBA) requires financial institutions or organizations who offer financial services to take the appropriate measures to safeguard customer data.
Framework Summary
The Safeguards Rule is a key component of the GLBA and outlines requirements for compliance.
According to the FTC website, under the Safeguards Rule each company must:
Designate one or more employees to coordinate its information security program.
Identify and assess the risks to customer information in each relevant area of the company’s operation, and evaluate the effectiveness of the current safeguards for controlling these risks.
Design and implement a safeguards program, and regularly monitor and test it.
Select service providers that can maintain appropriate safeguards, make sure your contract requires them to maintain safeguards, and oversee their handling of customer information.
Evaluate and adjust the program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring.
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
