Privacy/Information Security (GLBA)
GLBA – What it Means to You
The Financial Services Modernization Act of 1999 (most of us know it as the Gramm-Leach-Bliley Act, or GLBA) includes provisions to protect consumers’ personal information. As part of its implementation of the GLBA, banks are required to comply with the Safeguards Rule under section 501(b), which requires financial institutions to secure personal information. The three main objectives of GLBA are to:
- Ensure the security and confidentiality of customer records and information
- Protect against any anticipated threats or hazards to the security or integrity of such records
- Protect against unauthorized access or use of such records or information which could result in substantial harm or inconvenience to any customer.
The Federal Financial Institutions Examination Council (FFIEC) has created an Information Security Handbook and an exhaustive set of tests to assess compliance with the Safeguards Rule, including over 20 specifically related to intrusion prevention and detection. The security process recommended by the FFIEC comprises five key areas:
- Information security risk assessment
- Information security strategy
- Security controls implementation
- Security testing
- Monitoring and updating
Rofkahr Consulting can assist your organization in developing a comprehensive program to manage these areas. We can also be retained as an independent third party to evaluate and test the key controls, systems, and procedures of existing programs.