Is Your Company GLBA Compliant?
The Gramm-Leach Bliley Act (GLBA) is a U.S. federal law that requires financial institutions to explain how they share and protect private customer information. To be GLBA compliant, financial institutions must send reports to customers about their information sharing and data security practices. The bank is required to let you know how they’re protecting your data.
In addition to banks, the GLBA affects many organizations, including security firms, insurance companies, tax preparers, financial advisors, credit counselors, check-cashing businesses, payday lenders, mortgage brokers, and non-bank lenders. Even colleges that provide student loan processing are also required to comply with the GLBA. Your privacy practice obligations depend on whether you have consumers or customers according to the Federal Trade Commission.
Benefits of GLBA Compliance
- The institution will be at lower risk of penalties or reputational damage caused by unauthorized sharing or loss of private customer data.
Consequences of Non Compliance within the GLBA
- The institution will be subject to a fine for each violation;
- Officers and directors of the institution will be subject to, and personally liable for, a civil penalty for each violation;
- The institution and its officers and directors will also be subject to fines in accordance with Title 18 of the United States Code or imprisonment.
A study by Ponemon Institute reveals the cost of non-compliance is far greater than compliance. The costly penalties and fines make good business sense be prepared and proactive when it comes to data security.
How can CyberCrunch help? We provide permanent data destruction solutions to keep your customers private information from being stolen. This process will satisfy a GLBA requirement by preventing customer data from being exposed in a hypothetical data breach. Our IT asset disposition (ITAD) services provide secure erasure before assets are remarketed, donated or destroyed. With our extensive experience in the industry, familiarity with regulatory and governmental policies, CyberCrunch is an obvious choice.