GLBA Compliance Service
While fraud has always been a challenge in the finance industry the GLBA highlighted challenges and put forward a modernized approach for addressing these threats. Today that means fewer consumers falling victim to fraudsters.
SECURITY PROGRAM:
Designate one or more employees to coordinate an information security program. Identify and assess the risks to customer information in each relevant area of the company’s operation, and evaluate the effectiveness of the current safeguards for controlling these risks. Design and implement a safeguards program, and regularly monitor/test it. Select service providers that can maintain appropriate safeguards, make sure your contract requires them to maintain safeguards, and oversee their handling of customer information. Evaluate and adjust the program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring
INFORMATION SECURITY AND GLBA COMPLIANCE
The Bureau of Consumer Protection recommends a number of practices to ensure the privacy of customer financial data and maintain GLBA compliance. These include running thorough background checks on all potential employees and giving access to sensitive data only to those that need it, when they need it. All passwords should be complicated and frequently changed, and should not be stored on physical media, digital or otherwise Encryption is another important aspect of protecting the security of financial data. When data is encrypted, it can’t be read unless someone has the key to decrypt it (Key for GLBA data privacy). Not only does this prevent prying eyes from snooping on your client’s information, but it also protects your business should that same data fall into the wrong hands. According to GLBA compliance protocol, you would have to report the breach to your customers, but you would be able to assure them that their data is still protected by encryption. Our security and risk consultation services help support your GLBA and FFIEC compliance efforts by performing analyses to determine the appropriate controls to protect information based on your organizational risk.
GLBA Compliance
Fulfill GLBA Requirements