US strengthens financial data security requirements under Gramm-Leach-Bliley Act (GLBA)

The US Federal Trade Commission (FTC) has published changes to the Gramm-Leach Bliley Act, which protects consumer financial privacy at financial institutions and at companies handling financial activities. Key changes under the revised Safeguards Rule include:

  • expanded definition of types of companies subject to GLBA
  • more specific, detailed requirements for compliance
  • oversight obligation to appoint a security officer to oversee and implement a security program