GLBA

Subject Home

Financial Privacy & Security:
The Gramm-Leach Bliley Act

Gramm-Leach-Bliley Act, Title V, Subtitle A, Financial Privacy - 15 U.S.C. § 6801-6809

The Financial Modernization Act of 1999, also known as the “Gramm-Leach-Bliley Act” or GLB Act, includes provisions to protect consumers’ personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions.

The GLB Act gives authority to eight federal agencies and the states to administer and enforce the FTC Financial Privacy Rule and the FTC Safeguards Rule. These two regulations apply to “financial institutions,” which include NOT ONLY banks, securities firms, and insurance companies, but also companies providing many other types of financial products and services to consumers. Among these services are lending, brokering or servicing any type of consumer loan, transferring or safeguarding money, preparing individual tax returns, providing financial advice or credit counseling, providing residential real estate settlement services, collecting consumer debts and an array of other activities. Such non-traditional “financial institutions” are regulated by the FTC.

• The Financial Privacy Rule
  Governs the collection and disclosure of customers’ personal financial information by financial institutions. It also applies to companies, whether or not they are financial institutions, who receive such information. For a summary overview of the Financial Privacy Rule,  see In Brief: The Financial Privacy Requirements of the Gramm-Leach-Bliley Act.
   

• The Safeguards Rule
  Requires all financial institutions to design, implement and maintain safeguards to protect customer information. The Safeguards Rule applies not only to financial institutions that collect information from their own customers, but also to Financial Activity Organizations – that receive customer information from their own financial activities or other financial institutions.  It also includes Agents for Financial Institutions.

Call Us Today! +1-347-412-0574

The GLB Act applies to "financial institutions" - companies that offer financial products or services to individuals, like loans, financial or investment advice, or insurance. The Federal Trade Commission has authority to enforce the law with respect to "financial institutions" that are not covered by the federal banking agencies, the Securities and Exchange Commission, the Commodity Futures Trading Commission, and state insurance authorities. Among the institutions that fall under FTC jurisdiction for purposes of the GLB Act are non-bank mortgage lenders, loan brokers, some financial or investment advisers, tax preparers, providers of real estate settlement services, and debt collectors. At the same time, the FTC's regulation applies only to companies that are "significantly engaged" in such financial activities.

The law requires that financial institutions protect information collected about individuals; it does not apply to information collected about businesses or commercial entities.

The Obvious GLBA Financial Institutions Include:

• Banks, Savings and Loans, Credit Unions

• Lending Companies, Mortgage Brokers, etc.

• Insurance Companies

• Financial Advisors

• Securities & Brokerage Firms

• Real Estate. Title Insurance, Related Services

• Accountants

• Trust Companies

Other Less Obvious Entities Significantly Engaged In Financial Activities:

• Credit reporting agencies

• Auto / Motorcycle / Boat / RV Dealers, etc.

• Rental Services (Car, Moving Truck, Equipment, etc.)

• Bail Bonds

• Pawn Brokers

• Furniture Resellers / Lease Companies

• Rental Property Management Firms

• Attorneys

• Local Governments (specific functions - see LocalGovernmentCompliance for more information)

• State & Federal Government agencies and programs (direct to individual financial activities)

• Check Cashing stores

• Consumer Billing Services & Payment Processors

• Payroll Services & HR Outsource Services (inlcuidng Benefits)

• Any Business That Facilitates Credit (of any kind) or Leases (rental under agreement)

• The list goes on and on...

For more information on the types of financial activities covered, click here.

For more information about GLBA, click here.

Also, the Pretexting provisions of the GLB Act protect consumers from individuals and companies that obtain their personal financial information under false pretenses, a practice known as “pretexting.”
 

Gramm-Leach-Bliley Act, Title V, Subtitle A, Financial Privacy
15 U.S.C. § 6801-6809

Financial Privacy Rule

5/24/00
Final Rule [PDF]
Privacy of Consumer Financial Information, Federal Register

3/1/00
Notice of Proposed Rulemaking [PDF]
Privacy of Consumer Financial Information, Federal Register

FTC Staff Guidance

Frequently Asked Questions for the Privacy Regulations (December 2001)

Additional Industry-Specific Frequently Asked Questions About the Privacy Regulation

Mortgage Brokers (January 2003)

GLB Outline
[PDF]

Other Links

Other GLBA News:

GLB Agencies to Consider Alternative Forms of Privacy Notices

File a GLBA Complaint

Legal Notice:  
We recognize that SOX (Sarbanes Oxley), GCP (Good Clinical Practice), HIPAA, CLIA, GLBA (Gramm Leach Bliley), DITSCAP, COPPA and other regulations and statutes are law, and that all interpretation of law should involve licensed attorneys in good standing with their local Bar Association.  No matter which services firm you select, be sure that their work is performed under the requirements of your state, in conformance with the law, and reviewed by your own attorney for your protection.  It is the covered entity subject to the jurisdiction of the regulation(s) that bears ALL liability for compliance with these laws.  We do strongly recommend the services of an independent validator/certifier to review your compliance prior to the appropriate deadline if appropriate or completion of the regulated project.

The above believed to be accurate and factual; please notify us immediately of any errors or omissions.  The above is intended for introductory and educational purposes only, and is not intended to be complete or comprehensive.  Neither can we be responsible for the accuracy of the information since it is (in whole or in part) derived from multiple sources.  Please refer to source governmental sources as appropriate.  The reader assumes all risk in the use of any information displayed or presented through this website,

This website, webpage, or linked documents do not constitute legal advice and is for educational purposes only.  The provider (Regulatory Compliance Associates and their staff) accepts no responsibility for its accuracy, review, distribution, or use in any way.  This website, webpage, and or linked documents are based on currently understood HIPAA, ASCA, and/or Federal, State, and Local Statutes, rules, regulations, standards, and/or implementation guides and is subject to change without notice, as changes in HIPAA/ASCA rules and regulations or subsequent interpretative guidance by courts or other bodies.  You assume responsibility for understanding this material and its applicability and/or use. This website, webpage, and/or linked document is designed to conform with GLBA, GCP, CLIA, HIPAA/ASCA, or other rules and regulations, as understood, and may need to be interpreted by your attorney as needed to conform with state law where that state law is more stringent than the federal rules or other state - you’re use of this information must always be reviewed and approved by your own attorney prior to use. Please refer to our Terms and Conditions page for additional limitations and restrictions.  Click here for additional Terms & Conditions for Use of this Website

Privacy Policy:  This website collects minimal personal information at this time.  We do not engage in mass mails or disclosure your information to third-parties unless requested.  Email links are provided as a convenience for professional communications only, and are beyond the responsibility of the website operator.  The user accepts all responsibility when using any and all links provided on this site, and it is acknowledged that different website may have different privacy policies.  The user should review the privacy policies of each website visited.  This website is not intended for children, and children should not use it.  This website does not use cookies.  Blocking cookies will not affect your use of this website.  Click here for our full Privacy Policy

Vendors and 3rd parties listed are not affiliated  in any way unless indicated, and are listed, displayed or linked for the convenience of the visitor for informational purposes only.   3rd party trademarks &  registered trademarks acknowledged

The term "Help Now!" when used in context with regulatory compliance, as example "HIPAA Help Now", is and are trademark(s), all rights reserved.  Click Here for our trademark and copyright information

Please note:  RegulatoryPro.us & RegulatoryCompliance.us and all variations are Trademarks regardless of domain registration.

Verified Website Operator