Gramm-Leach-Bliley Act
The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.
Guidance
Under the Safeguards Rule, financial institutions must protect the consumer information they collect. Learn if your business is a “financial institution” under the Rule. If so, have you taken the necessary steps to comply?
The FTC, FRB, OCC, FDIC, SEC, NCUA, OTS, and CFTC have completed an interagency notice research project and rulemaking. The goal of the project was to develop, through consumer testing, privacy notices that consumers can understand and use to compare financial institutions’ information collection and sharing practices.
Auto dealers that extend credit, arrange financing or leasing, or give financial advice must notify customers about the information they collect, who they share it with, and how they protect it. Are you following the rules of the road?
Financial institutions are required to explain their privacy practices and tell consumers their rights. An effective privacy notice – one that encourages feedback, is easy to read, and uses graphics – can enhance confidence and trust. Are you communicating effectively with your customers?
Financial institutions covered by the Gramm-Leach-Bliley Act must tell their customers about their information-sharing practices and explain to customers their right to "opt out" if they don't want their information shared with certain third parties. Is your company following the requirements of the Privacy Rule?
The Gramm-Leach-Bliley Act requires many companies to give consumers privacy notices that explain the institutions' information-sharing practices. Do your privacy notices give a clear, conspicuous, and accurate statement of the company's practices?
The Safeguards Rule requires financial institutions to secure customer records and information. But the law defines “financial institution” broadly to cover many businesses who might not describe themselves that way. If you’re covered by the Safeguards Rule, are your standards up to snuff?
