The Gramm-Leach-Bliley Act (GLBA)
What is GLBA?
Also known as the Financial Services Modernization Act, the Gramm-Leach-Bliley Act (GLBA) was enacted in 1999 to protect private consumer information held by financial institutions.
The GLBA requires banks to develop privacy notices and to provide customers with the option of prohibiting the sharing of their confidential information with non-affiliated third parties. On July 1, 2001, the Act was amended, requiring financial organizations to have a comprehensive, written information security program in place.
Who is affected by GLBA ?
The GLBA applies to virtually every business in the United States engaged in the “financial services” industry: institutions that provide financial products and services to consumers. This applies to all national banks and federal branches of foreign banks that are required to follow US banking regulations.
According to the Act, financial institutions are required to implement a comprehensive, written information security program that includes proper administrative, technical and physical safeguards, the nature of which are dependent upon the size and complexity of the organization. This requirement extends to any subsidiaries of the parent financial organization. The program must be designed to protect consumers’ non-public, personally-identifiable information by ensuring security and confidentiality of data, by preventing potential risks and threats to data, and by protecting against unauthorized access to or use of consumers’ private information.
When using service providers such as an outsourced document destruction company, financial institutions have a duty to safeguard their customers’ information while it is in the possession of the outsourced company. To adhere to this, the financial organization must use due diligence in selecting, managing and monitoring the service provider to ensure consumers’ private information is protected. This includes entering into contracts with an outsourcer when appropriate.
Your Partner in Regulatory Compliance.
By purging outdated files or placing one of our locked security consoles in your office, PROSHRED® can assist your company in maintaining a document disposal program that meets GLBA regulations. Using state-of-the-art technology, our highly trained and certified security professionals efficiently shred all documents right on your premises. We give you the option to watch the shredding process, and also provide you with a Certificate of Destruction that records each shred. Trust PROSHRED® as your partner in compliance with GLBA shredding requirements for maintaining your document security program.
For more information on the Gramm-Leach-Bliley Act (GLBA), please visit: http://www.ftc.gov/privacy/glbact/glbsub1.htm