GLBA Compliance


The Background


The Gramm-Leach-Bliley Act or the GLBA was enacted in the year 1999. The primary aim of the act was the modernization of financial services. GLBA ended the reign of prohibitive and restrictive regulations in the financial services industry. The GLBA consists of several rules, which are imposed on the financial services industry. The GLBA Rules applies to organizations such as banks, insurance companies, stock brokerage companies and investment banking companies.
The Privacy Rule of the GLBA focuses on the privacy of customer information to be maintained by financial institutions. It applies to financial institutions that collect Non-public information (NPI) from their customers. NPI may be equated personally identifiable information. This data usually consists of the name, social security number, address, income and the individual’s choice of financial products opted for. The Financial institution has to make several statements to their customers assuring the privacy of the NPI collected by the financial institutions. The Financial Institution also has an obligation to protect the NPI collected from their customers, which is where the Safeguards rule of the GLBA comes into play.
The Safeguards rule of the GLBA has been laid out to ensure that financial institutions protect their customer data from unauthorized disclosure. The Safeguards rule requires the financial institution to lay out an information security program. The rule stresses on the need for assessing risks for customer information and evaluating the organization’s current safeguards against these risks. The GLBA also indicates the need for evaluation of the controls implemented periodically for effectiveness. Service providers to the financial institutions also need to adhere to information security practices commensurate with the risk of loss of customer data.

why we45?


we45 understands the requirements of the Security rule of the GLBA. With our risk assessment methodologies and security assessment practices and procedures, we would be able to comprehensively assist your organization and your partners (with whom customer information is shared) in getting compliant with the requirements of the GLBA. Right from scoping the assessment to performing an assessment of the security practices and implementations, which are critical to ensure the confidentiality, integrity and availability of sensitive customer information, we45 would be able to deliver consulting and implementation solutions to achieve and surpass the requirements of the GLBA.

Privacy Policy | Disclaimer | Copyright © 2011 we45 Solutions India Pvt Ltd. Contact