Under Title V - Privacy, covered financial institutions must establish appropriate standards relating to administrative, technical and physical safeguards to insure security and confidentiality of customer records and information and to protect against unauthorized access to or use of such records or information which could result in substantial harms or inconvenience to any customer.
What is affected by GLBA
The Gramm-Leach-Bliley Act is a Congressional Act that prohibits any institution that provides financial products or services from sharing a customer's ‘nonpublic personal information’ with non-affiliated third parties unless the institution first discloses its privacy policy to consumers and allows them to 'opt out' of that disclosure.
Why did Congress enact the Gramm-Leach-Bliley Act?
In short, Gramm-Leach (as it is called) was made into law in order to restrict the ability to sell, give or otherwise disclose personal information to third parties without permission.
What does this mean?
A less intrusive world. Gramm-Leach will result in a reduction of telemarketing calls, of Internet spam and of identity thefts, while providing greater security of financial information.
Gramm-Leach was signed into law on November 12, 1999, establishing minimum privacy standards. Full compliance for federally regulated entities was required by July 1, 2008. Compliance for insurance companies and agencies was November 13, 2007.
What this means is that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers' nonpublic personal information.
Whom does Gramm-Leach affect?
It applies to "Any institution the business of which is engaging in activities that are financial in nature, or incidental to such financial activities." This includes national banks, federally chartered thrifts, FDIC depositories, insurance companies and agencies, the new FHC structure, credit card firms, mortgage services, insurance companies, securities firms, and brokerage services, as well as many other related financial service organizations. Basically, it covers any business that maintains personal financial information on, or for, its customers.
How are financial institutions affected?
GLBA affects a wide range of personal data managed by many organizations. The guidelines include:
- All individually identifiable information relating to customers or any person receiving services.
- Past, present, or future financial information, services or payment for services
- Demographic data collected by financial institutions
What is the impact of GLBA on your organization?
GLBA will impact your organization in many ways. It mandates new rules and procedures that will cost money and take time to implement.
Overall Impact
GLBA will have an incredible impact on all organizations dealing with financial information. It will require a complete evaluation and re-design of the way in which financial data is handled. In most instances revised security policies must be put into place to meet specific requirements, including new privacy regulations.
Effective compliance requires organization-wide implementation, including:
- Creating awareness of GLBA
- Assessing information security systems, policies and procedures
- Developing an action plan with deadlines and timetables
GLBA changes the way companies deal with customer information, specifically information regarding individuals' finances. GLBA provides a complex set of regulations for the acquisition, transport, storage, and sharing of personal financial information. Since much of this information is computerized, data security becomes a major component of GLBA compliance.
In order to comply with GLBA regulations, firms must assess their current situation regarding the security and accessibility of customer data. This type of assessment provides a baseline for developing a plan to reach GLBA compliance.
SafelinkID GLBA Compliance Solutions will help your organization with achieving compliance.