Aug 11
22
Gramm-Leach-Bliley Act
- Enacted as The Financial Modernization Act of 1999
- This act provides guidance to protect and to safeguard the privacy of non-public personal financial information.
- A financial service provider or financial institution is defined as “any institution the business of which is engaging in financial activities as described in section 4(k) of the Bank Holding Company Act of 1956”. [509(3)(A)] These include lenders, consumer reporting agencies, debt collectors, data processors, courier services, retailers issuing consumers credit cards, personal property or real estate appraisers, check-cashing businesses, mortgage brokers, and more.
- In regards to information security and management the act requires financial institutions to take reasonable measures in the security and confidentiality of customer information and protect against any threats to security and unauthorized access or use of.
- This act provides standardized guidelines to protect identifiable health information.
- It requires covered entities to have reasonable administrative, technical, and physical safeguards in place to prevent unauthorized use or disclosure of protected health information. This covers electronic and physical health information.
- Reasonable safeguards include keeping records locked for storage and shredding for the destruction.
