GLBA - Gramm-Leach-Bliley Financial Services Modernization Act Of 1974
What does it mean?
Protects consumers' personal financial information and requires companies to give consumers privacy notices that explain the financial institutions’ information sharing practices.
- Financial Privacy Rule — governs the collection and disclosure of customers’ personal financial information by financial institutions. It also applies to companies, whether or not they are financial institutions, who receive such information.
- Safeguards Rule — requires all financial institutions to design, implement and maintain safeguards to protect customer information. Applies not only to financial institutions that collect information from their own customers, but also to financial institutions (such as credit reporting agencies) that receive customer information from other financial institutions.
- Pre-texting Provisions — protect consumers from individuals and companies that obtain their personal financial information under false pretenses.
Who is affected?
GLBA applies to “financial institutions” which includes companies such as loan brokers, some financial or investment advisers, tax preparers, providers of real estate settlement services, and debt collectors that offer financial products or services (i.e., loans, financial or investment advice, or insurance) to individuals.
What is the impact? (penalties and fines)
- Financial institution subject to civil penalty of not more than $100,000 for each violation
- Officers and directors subject to, and personally liable for, a civil penalty of not more than $10,000 for each violation
- Criminal penalties of up to 5 years in prison
How to reach compliance?
- Have a security plan to protect the confidentiality and integrity of personal consumer information
- Disclose all privacy policies/procedures
- Give notification when sharing with third parties for non-financial reasons
- Give customers privacy notices and establish limitations of using information
Contact Us and a Cintas Document Management expert will do a no-obligation evaluation of your facility's information management needs.