GLBA Compliance

Looking for a partner who specializes in information security and compliance?

Meeting GLBA requirements extends beyond the realm of compliance. In today’s digital-first world, the integrity of customer data is vital to your institution’s success. CSI specializes in meeting GLBA requirements through information security reviews, penetration testing and vulnerability assessments.

How to Meet GLBA Requirements

Three integral pieces of the 1999 Gramm-Leach-Bliley Act (GLBA) focus on the information security review of consumers’ personal financial information. Together, the Financial Privacy Rule, the Safeguards Rule and the Pretexting Provisions determine how financial institutions can collect this information and how they must ensure the security and confidentiality of it.

To meet GLBA requirements for customer information security review requests, all financial institutions must:

  • Provide notice to customers about privacy requirements regarding their personal financial information (Financial Privacy)
  • Establish, implement and maintain a customer Information Security Program that secures and protects consumers’ personal financial information from anticipated threats and/or unauthorized access (Safeguards)
  • Ensure that consumers’ personal financial information is not being collected under false pretenses (Pretexting)

These rules extend to more than just banks, credit unions and thrifts. Per GLBA information security regulations, the term financial institution covers many parallel sectors, including tax preparers, credit counselors, debt collectors, automobile dealers and much more. In general, if a business collects and shares personal information about consumers to whom they extend or arrange credit, they have an obligation to GLBA.

Meet GLBA Regulations with CSI Information Security

CSI Regulatory Compliance provides a variety of solutions specifically designed to meet GLBA requirements of compliance. Trained consultants work with internal IT staff to perform GLBA information security risk assessments while not disrupting normal business activities.

  • Information Security: Protects sensitive information for your customers, members and institution, and lowers your risk against the rising threat of cyber attacks
  • Penetration Testing: Keeps your security infrastructure updated by using proven methodology that mirrors assault methods of unethical attackers to detect and reinforce network vulnerabilities
  • Vulnerability Assessment: Scans your entire network for vulnerability, performing patch management and port scanning

Once we were comfortable, we flipped the switch over a weekend and began officially using Elite. It was very easy. The CSI team that we worked with was pretty awesome. It did not take very long to get spun up on Elite.

Heather Sawle
HomeStreet Bank
Associate Vice President

Get In Touch

Are you looking for the edge to outperform the competition? CSI is a full-service technology and compliance partner.

Let’s Talk