In today’s digital age, safeguarding sensitive personal information is more critical than ever. The Gramm–Leach–Bliley Act (GLBA) mandates strict protocols to protect customer privacy and ensure the security and confidentiality of their data.

CDIA’s comprehensive GLBA Awareness Program equips your team with the knowledge to meet these essential requirements, with a strong focus on the latest amendments to the Safeguards Rule, effective as of May 13, 2024.  If you are a mortgage broker, nonbank lender, consumer reporting agency, real estate appraiser, auto dealer that engage in certain leasing activities, certain fintech company, and credit counselor or other non-bank financial institutions this course is for you.

 PURCHASE TODAY

As of May 13, 2024, a broad range of non-bank financial institutions must now comply with a new notification requirement for certain data breaches under the FTC’s amended Gramm-Leach Bliley Safeguards Rule. Covered entities must notify the FTC within 30 days of discovering a breach involving 500 or more consumers. The rule applies to unauthorized acquisition of unencrypted customer information. To streamline compliance, the FTC has introduced a new online reporting form. This update is part of the FTC’s effort to ensure businesses are keeping pace with evolving data security risks.

Top 5 Key Highlights of the Safeguards Rule Notification Requirement Update:

  1. Mandatory Breach Notification: Financial institutions must notify the FTC of a data breach involving 500 or more consumers within 30 days of discovery.
  2. Broad Definition of Financial Institutions: The rule covers a wide range of entities beyond traditional banks, including mortgage lenders, payday lenders, and tax preparation firms.
  3. Focus on Unencrypted Data: The notification requirement applies when unencrypted customer information, or data where the encryption key has been compromised, is acquired without authorization.
  4. Clear Reporting Process: The FTC has introduced a new online form to simplify the reporting process, outlining the specific details businesses need to provide.
  5. Compliance Deadline: The updated rule went into effect on May 13, 2024, following a six-month preparation period after the October 2023 announcement.

 PURCHASE TODAY