Federal Regulations

GLBA text on a wall

GLBA Compliance 

Three integral pieces of the 1999 Gramm-Leach-Bliley Act (GLBA) focus on the information security review of consumers’ personal financial information. Together, the Financial Privacy Rule, the Safeguards Rule and the Pretexting Provisions determine how financial institutions can collect this information and how they must ensure the security and confidentiality of it.

What is GLBA Compliance?

To meet GLBA requirements for customer information security review requests, all financial institutions must: 

  • Provide notice to customers about privacy requirements regarding their personal financial information (Financial Privacy)
  • Establish, implement and maintain a customer Information Security Program that secures and protects consumers’ personal financial information from anticipated threats and/or unauthorized access (Safeguards)
  • Ensure that consumers’ personal financial information is not being collected under false pretenses (Pretexting) 

These rules extend to more than just banks, credit unions and thrifts. Per GLBA information security regulations, the term financial institution covers many parallel sectors, including tax preparers, credit counselors, debt collectors, automobile dealers and much more. In general, if a business collects and shares personal information about consumers to whom they extend or arrange credit, they have an obligation to GLBA. 

Meet GLBA Regulations with CSI Information Security

CSI Regulatory Compliance provides a variety of solutions specifically designed to meet GLBA requirements of compliance. Trained consultants work with internal IT staff to perform GLBA information security risk assessments while not disrupting normal business activities. 

  • Information Security
    Protects sensitive information for your customers, members and institution, and lowers your risk against the rising threat of cyber attacks 
  • Penetration Testing
    Keeps your security infrastructure updated by using proven methodology that mirrors assault methods of unethical attackers to detect and reinforce network vulnerabilities

Achieve GLBA Compliance at Your Institution

Adherence to GLBA requirements is the foundation of a secure customer information security program. Fill out this online form to learn how CSI’s GLBA information security risk assessment keeps your institution compliant and your customers’ data secure.