The U.S. Federal Trade Commission (FTC)—a bipartisan federal agency that champions the interests of American consumers—has added certain businesses to the Safeguards Rule, which was designed by the FTC to protect customer information from being shared inappropriately as required by the Gramm-Leach-Bliley Act that has been in force since 1999.
The Safeguards Rule requires financial institutions under FTC jurisdiction to have measures in place to keep customer information secure. The FTC considers an organization a financial institution if they are significantly engaged in financial activities or significantly engaged in activities incidental to such financial activities. In addition to developing their own safeguards, companies covered by the Rule are responsible for taking steps to ensure that their affiliates and service providers safeguard customer information in their care.
According to the FTC, customer information includes personally identifiable data collected in relation to lease, insurance, or finance contracts; this holds true across data types except for information that is publicly available. The FTC has clearly stated that all businesses must:
Please note that some financial institutions do have additional requirements with which they must comply under the Gramm-Leach-Bliley Act and the FTC’s Privacy Rule.
Contact us at sales@ironcore-inc.com to learn how we can help your organization comply with its compliance requirements under these laws and rules.