What Should I Know Regarding the Gramm-Leach-Bliley Act (GLBA)?
Many companies are deemed 'financial institutions': credit unions, banks, insurance providers, securities firms, and (believe it or not) insurance agents, as well as check-cashing companies, mortgage brokers, debt collectors, and property appraisers. Automobile dealers and some retailers that arrange or extend credit or issue credit cards are also on the list.
The Gramm-Leach-Bliley Act is administered by the Federal Trade Commission, and compliance is compulsory.
There are serious penalties for noncompliance: exorbitant fines, imprisonment for as much as five years, or both.
Following is a quick look at the three fundamental elements of the GLBA.
Financial companies must describe their information-sharing practices to all customers: the sorts of information they gather and the sorts of firms or businesses they may share it with. Financial companies also have to offer customers a chance to opt out of the disclosure. It is the customers' right to decide that they do not want their information given to specific third parties.
The financial institution must have processes and rules for securely destroying information. Administration practices should be 'proper and practical', such as using document shredding so that private information can't be read or reconstructed.
Here’s a checklist that financial institutions should know about:
Identify threats to customer data, and evaluate and monitor safeguards. A security audit is recommended.
Train workers on best practices in secure file management and destruction, both in and away from the workplace.
Apply a file management policy that restricts access to customer information and tracks private information from generation and storage to destruction.
Choose service providers that offer secure file shredding services and maintain safeguards. For instance, outsource record destruction to a trusted supplier using a secure chain of custody. For paper records, the shredding business should supply onsite or offsite document shredding, secure removal of records, and locked containers. There ought to be the option of a certificate of destruction supplied after each shred, as well as a choice of shred sizes.
Talk to the file shredding business.
Find out about the Gramm-Leach-Bliley Act and other privacy legislation that the business should know about.