Financial institutions collect personal information from customers every day, from names and addresses to bank account and Social Security numbers. The Gramm-Leach-Bliley Act’s Safeguards Rule requires covered “financial institutions” to develop, implement, and maintain a comprehensive information security program for handling customer information. As part of its regulatory review process, the Federal Trade Commission (FTC) has proposed changes to the Rule. Proposed amendments to the Safeguards Rule, among others, would add more detailed requirements regarding what must be included in a comprehensive information security program and would expand the definition of “financial institutions” subject to the Safeguards Rule to cover “finders” who charge a fee to connect consumers to lenders.
In a recent FTC virtual workshop, David Lincicum, Attorney at the FTC, discussed the changes the proposed rulemaking hopes to bring about and stressed that “Risk assessments are not something that can be done once and forgotten … New threats arise and new vulnerabilities are discovered.” Panelists agreed that this is an important issue currently being overlooked and as such the proposed rule calls for regularly testing and monitoring the effectiveness of institutions’ defense programs.
Join us for a live webinar with David Lincicum, Attorney at the FTC, and Becki Kuehn, Partner at Hudson Cook for an in-depth discussion on the FTC’s proposed rulemaking and how it will impact your organization. This event includes a live Q&A session moderated by Eric Ellman, Senior Vice President of Public Policy and Legal Affairs at CDIA.