What do critics say about the Gramm-Leach-Bliley Act?

Many critics say the law has no teeth when it comes to privacy and security. With this in mind, businesses might fail to give GLBA compliance the required due diligence.

What is Title V of the Gramm-Leach-Bliley Act?

Title V, subtitle A, of this Act (15 U.S.C. § 6801 et seq.) requires the FTC, along with the Federal banking agencies and other regulators, to issue regulations ensuring that financial institutions protect the privacy of consumers’ personal financial information.

What information is protected by GLBA?

The personal information covered by the GLBA is termed “nonpublic personal information,” which means “personally identifiable financial information — provided by a consumer to a financial institution; resulting from any transaction with the consumer or any service performed for the consumer; or otherwise obtained by …

How do I comply with GLBA?

To be GLBA compliant, financial institutions must communicate to their customers how they share the customers’ sensitive data, inform customers of their right to opt-out if they prefer that their personal data not be shared with third parties, and apply specific protections to customers’ private data in accordance with …

Who enforces the GLBA?

The FTC is one of the federal agencies that enforce provisions of Gramm-Leach-Bliley. The law covers not only banks but also securities firms, insurance companies, and companies providing many other types of financial products and services.

What information would be exempt from the privacy requirement of the Gramm-Leach-Bliley Act?

Data covered by the GLBA includes non-public personal information or personally identifiable information, such as names, addresses, and phone numbers, bank and credit card account numbers, income and credit histories, and Social Security numbers of customers.

What is required on a privacy notice?

Your notice must accurately describe how you collect, disclose, and protect NPI about consumers and customers, including former customers. Your notice must include, where it applies to you, the following information: Categories of affiliates and nonaffiliated third parties to whom you disclose the information.

What information must be included in the privacy notice?

The first thing to include in your privacy notice is the name, address, email address and telephone number of your organisation. If you’ve appointed a DPO (data protection officer) or EU representative, you should also include their contact details.
