Beginning in April 2022, banking organizations and bank service providers will be subject to the shortest regulatory breach notification reporting time frame of any law to date – 36 hours.

Updates on the Evolving Data Protection Landscape
Beginning in April 2022, banking organizations and bank service providers will be subject to the shortest regulatory breach notification reporting time frame of any law to date – 36 hours.
The Gramm–Leach–Bliley Act (GLBA) and its implementing regulations impose privacy requirements when financial institutions collect “nonpublic personal information about individuals who obtain financial products or services primarily for personal, family, or household purposes.”[1] GLBA does not apply, however, when a financial institution collects information about individuals “who obtain financial products or services for business,…