What is the Gramm-Leach-Bliley Act? 

“The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard their sensitive data.”

Who must comply? 

“The definition of “financial institution” includes many businesses that may not normally describe themselves that way. In fact, the Rule applies to all businesses, regardless of size, that are “significantly engaged” in providing financial products or services. This includes, for example, check-cashing businesses, payday lenders, mortgage brokers, nonbank lenders, personal property or real estate appraisers, professional tax preparers, and courier services. The Safeguards Rule also applies to companies like credit card reporting agencies and ATM operators that receive information about the customers to other financial institutions. In addition to developing their own safeguards, companies covered by the Rule are responsible for taking steps to ensure that their affiliates and service providers safeguard customer information in their care.”

What types of privacy data does GLBA protect?

“Dispose of customer information in a secure way and, where applicable, consistent with the FTC’s Disposal Rule. For example:

  • Consider designating or hiring a records retention manager to supervise the disposal of records containing customer information. If you hire an outside disposal company, conduct due diligence beforehand by checking references or requiring that the company be certified by a recognized industry group. 
  • Burn, pulverize, or shred papers when disposing of computers, disks, CDs, magnetic tapes, hard drives, PDAs, cell phones, or any other electronic media or hardware containing customer information.”
Download this PDF to learn more about GLBA and how Clarabyte protects consumer information. 
File Size: 15 MB
Schedule A Demo