What is GLBA?
The Gramm-Leach-Bliley Act (GLBA) was enacted in 1999 to control how financial institutions handle the private information of individuals. The Act is composed of three sections: the Financial Privacy Rule, which governs the collection and disclosure of private financial information; the Safeguards Rule, which requires the implementation of data security programs; and the Pretexting provisions, which prohibit the practice of pretexting. GLBA also sets the requirements for customer privacy notices, which explain the financial institution's information-sharing practices.
Basic rules on GLBA compliance:
GTB Technologies' GLBA compliance solution - Accuracy on all ports and protocols:
The GLB Act applies to financial institutions. Noncompliant financial institutions face costly penalties, which can include fines of up to $100,000 per violation and $192 per record lost in restitution. The Federal Trade Commission defines a financial institution very broadly: an organization that works with people's money is generally considered a financial institution. Naturally, a bank, credit union or brokerage is required to maintain GLB compliance; however, other types of businesses are also covered by GLBA. Some examples from the FTC include preparers of income tax returns, consumer credit reporting agencies and credit counseling services, real estate transaction settlement services, and debt collection agencies. In addition to the direct providers of those services, any organization that receives data from those providers must also comply with GLB requirements.