Organizations Requiring Adherence to GLBA Information Security Standards
- Insurance Companies
- Insurance Agencies
- Debt collectors
- Financial or Investment Advisers
- Loan Brokers
- Non-bank mortgage lenders
- Real estate appraisers
- Real Estate Service Providers
- Tax Return Preparers
GLBA Information Security and Privacy Requirements
GLBA requires that financial institutions establish appropriate standards for financial institutions relating to the administrative, technical and physical safeguards of customer records and information. The standards’ objectives are to:
- Ensure the security and confidentiality of customer information;
- Protect against any anticipated threats or hazards to the security or integrity of such information; and
- Protect against unauthorized access to or use of customer information that could result in substantial harm or inconvenience to any customer.
The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company is prepared for, and plans to continue to protect clients’ nonpublic personal information. (The Safeguards Rule applies to information of any consumers past or present of the financial institution’s products or services.) This plan must include:
- Denoting at least one employee to manage the safeguards,
- Constructing a thorough risk analysison each department handling the nonpublic information,
- Develop, monitor, and test a program to secure the information, and
- Change the safeguards as needed with the changes in how information is collected, stored, and used.
The Safeguards Rule forces financial institutions to take a closer look at how they manage private data and to do a risk analysis on their current processes. No process is perfect, so this has meant that every financial institution has had to make some effort to comply with the GLBA Information Security Standards.
Call us today Toll Free at 1-844-9Pentest (1-844-973-6837).