Old Phone System? Try Ventis Unified Communications Service! Beaver PA
.png/:/rs=h:104,cg:true,m/qt=q:95)
FTC Safeguards Rule Overview
Deadline - June 9th 2023
What is it?
A rule requiring financial institutions to take specific steps to protect customer information
Deadline
Must comply by 6/9/23
Penalties
Up to $100,000/violation of non-compliance
Who needs to comply with the Safeguards Rule?
An institution that is significantly engaged in financial activities, or significantly engaged in activities incidental to such financial activities, is a financial institution.
Examples include mortgage lenders, payday lenders, finance companies, mortgage brokers, account servicers, check cashers, wire transferors, collection agencies, credit counselors and other financial advisors, tax preparation firms, non-federally insured credit unions, and investment advisors that aren’t required to register with the SEC.
What does a reasonable information security program look like?
Section 314.4 of the Safeguards Rule identifies nine elements that your company’s information security program must include. See below.
What does the Safeguards Rule require companies to do?
Develop, implement, and maintain an information security program with administrative, technical, and physical safeguards designed to protect customer information.
Your information security program must be written and it must be appropriate to the size and complexity of your business, the nature and scope of your activities, and the sensitivity of the information at issue.