On October 27, the Federal Trade Commission (“FTC”) unanimously voted to amend the Safeguards Rule to require non-banking financial institutions, such as mortgage brokers, motor vehicle dealers, and payday lenders, to report data breaches and security events to the Agency. This amendment will become effective 180 days after its publication in the Federal Register.… Continue Reading
safeguards
FTC extends deadline for updated Safeguards Rule by six months
On November 15, 2022, the FTC announced that it was extending by six months the deadline for companies to comply with some portions of the updated Safeguards Rule. The extension comes as a welcome relief to companies racing to meet the rapidly nearing effective date.
The FTC approved changes to the longstanding Safeguards Rule in October 2021. … Continue Reading
This week’s podcast: The Federal Trade Commission’s updated Gramm-Leach-Bliley Act Safeguards Rule – What you need to know
The FTC’s recently updated rule implementing GLB standards for safeguarding customer information replaces the flexibility previously given to financial institutions in developing an information security program with new prescriptive requirements. Our discussion topics include what these new requirements mean for specific aspects of such programs, assigning employee responsibility, conducting risk assessments, installing access controls, using encryption, and who is covered by the rule. … Continue Reading
FTC seeks comment on proposed amendments to safeguards and privacy rules
The FTC has proposed amendments to its 2003 Safeguards Rule and 2000 Privacy Rule, applicable to financial institutions under the Gramm Leach Bliley Act (GLBA). The proposed changes are informed by the FTC’s enforcement experience and are intended to keep pace with technological developments.
The Safeguards Rule requires financial institutions to have a comprehensive information security program. … Continue Reading