In March 2019, the Federal Trade Commission (FTC) published requests for comment on proposed amendments to two key rules under the Gramm-Leach-Biley Act (GLBA) which would add more detailed requirements to the safeguards rule and the privacy rule.
The changes are aimed at making improvements to how companies store and transmit a consumer’s personal, financial, banking or economic data. The proposed changes are similar to the European Union’s General Data Protection Regulation (GDPR) implemented in May 2018.
Included in the proposed changes are an expansion to the definition of financial institutions to include entities that engage in activities that are “financial in nature,” which would include virtually any business or entity that deals with a customer’s financial information.
While the FTC has yet to rule on these amendments, the time to act is now. Proposed legislation at both the federal and state level point toward an increase in business regulations for data privacy within the next year or so. Businesses need to have a strong handle on their IT processes and controls, and have appropriate monitoring systems in place to protect consumer information.
Many times, business owners or IT teams want to wait until they get their house in order a bit more before they have someone come in to evaluate their systems. Don’t fall into this mindset! Get the assessment done now rather than later to give you a roadmap of what needs to be addressed and in what order. With the changes that are bound to happen to federal or state laws, you don’t want to be left scrambling.
One way to do this is by knowing your FISASCORE. BerganKDV offers this free assessment that will help you get an idea of the health of your organization’s information security. This assessment will give your organization a score to quickly and confidently understand and quantify information security risks and provide a common vision on how to prioritize and address them. This includes a comprehensive action plan that is designed to dramatically increase the overall health and score of your company’s greatest assets.
At BerganKDV, our technology team is here to help you understand your level of risk before a security breach occurs. Trusted by small businesses to Fortune 500 companies, FISASCORE is a comprehensive and expert assessment of your current security risks by certified FISA™ security professionals. Start Here.