The Gramm-Leach-Bliley Act (GLB Act or GLBA) is also known as the Financial Modernization Act of 1999. It is a federal law enacted in the United States to control how financial institutions handle the private information of individuals. Companies that offer financial products or services such as loans, insurance or investment advice are commonly covered under this act.
Who enforces GLBA?
Generally speaking, the FTC is responsible for the enforcement of the GLB Act. Additional guidance on the Act can be found here.
The Safeguards Rule within GLBA
The Safeguards Rule requires companies to develop a written information security plan that describes how they protect consumer information. One of the common points of such a plan is to elect a person within the organization to be responsible for compliance.
Another is to select service providers that can help maintain and deliver appropriate safeguards. The Safeguards Rule also puts mechanisms in place to establish who has access to sensitive consumer data.
The importance of data encryption
Data encryption is an important tool in protecting consumer financial data. According to GLBA compliance protocol, you should report a breach to your customers. The Bureau of Consumer Protection recommends data encryption not just for stored data but also for email.
How to become compliant with GLBA
Obviously, it begins with engaging a professional organization to manage compliance for your organization. Our team of industry experts in compliance can establish a plan for your company that protects critical financial data.