Gramm-Leach-Bliley Act

The Gramm Leach Bliley Act (GLBA) is a comprehensive law affecting institutions and departments that deal with financial information which includes nonpublic personal information such as addresses and phone numbers; bank and credit card account numbers; income and credit histories; and Social Security numbers.

Requirements
The GLBA includes requirements to protect the security, integrity, and confidentiality of this consumer information. To be GLBA compliant, organizations must develop, implement, and enforce a comprehensive information security program including administrative, technical, and physical safeguards as determined appropriate for the institution and data. In addition to developing their own safeguards, organizations are responsible for taking steps to ensure that their affiliates and service providers safeguard customer information in their care.

The Gramm-Leach-Bliley Act of 1999 is also known as the Financial Services Modernization Act. It is intended to protect consumers and customers who obtain "financial products or services to be used primarily for personal or other household purposes". The Risk assessment is an important element of GLBA and the Federal Trade Commission has identified four areas that must be addressed:

(1) Information Systems,
(2) Employee Management and Training,
(3) Managing System Failures and
(4) Service Providers.

Download Free How To Comply with the Privacy of Consumer Financial Information Rule of The Gramm-Leach-Bliley Act
A Guide for Small Business from the Federal Trade Commission July 2002 The Gramm-Leach-Bliley Act seeks to protect consumer financial privacy. Its provisions limit when a "financial institution" may disclose a consumer's "nonpublic personal information" to nonaffiliated third parties. The law covers a broad range of financial institutions, including many companies not traditionally considered to be financial institutions because they engage in certain "financial activities."

Download Free Gramm-Leach-Bliley Act Information Security Program Templates. This templates covers:

1. Risk Identification and Assessment.
The Institution intends, as part of the Program, to undertake to identify and assess external and internal risks to the security, confidentiality, and integrity of nonpublic financial information that could result in the unauthorized disclosure, misuse, alteration, destruction or other compromise of such information. In implementing the Program, the Program Officer will establish procedures for identifying and assessing such risks in each relevant area of the Institution's operations, including:

The Gramm-Leach-Bliley Act (GLBA) was enacted by the United States government in 1999. GLBA, also known as the Financial Services Modernization Act of 1999, protects the privacy and security of private financial information that financial institutions collect, hold, and process. The privacy component of this act requires financial institutions to provide customers with an annual notice of their privacy practices, and to provide them the option to direct financial institutions not to share such information.

The safeguards component of the regulation requires financial institutions to establish a comprehensive security program to