Beginning in April 2022, banking organizations and bank service providers will be subject to the shortest regulatory breach notification reporting time frame of any law to date – 36 hours.
With Updated Safeguards Rule, FTC Signals New Wave of Cybersecurity Enforcement for Financial Institutions
On Oct. 27, 2021, the Federal Trade Commission (FTC) amended its Standards for Safeguarding Customer Information (the “Safeguards Rule”), promulgated under the Gramm-Leach-Bliley Act (GLBA).
|
This GT Alert covers the following: |
|
Financial institution confusion: Are financial institutions fully exempt from the CCPA, CPRA, VCDPA, and CPA?
The Gramm–Leach–Bliley Act (GLBA) and its implementing regulations impose privacy requirements when financial institutions collect “nonpublic personal information about individuals who obtain financial products or services primarily for personal, family, or household purposes.”[1] GLBA does not apply, however, when a financial institution collects information about individuals “who obtain financial products or services for business,