GLBA governs the collection, disclosure and protection of customers’ personal information by financial institutions.

Gramm–Leach–Bliley Act

Find out what this means for your business.

Contact Us

What is the Gramm-Leach-Bliley Act (GLBA)?

The GLBA, also known as the Financial Services Modernization Act, affects all institutions that offer financial services or products. Affected companies need to understand and comply with the act’s requirements to explain their disclosure practices and safeguard their customers’ sensitive data. Let Access help.

Why was the GLBA developed?

The Gramm–Leach–Bliley Act was developed to govern the collection, disclosure and protection of the personal information gathered by financial institutions about their customers. The act is composed of three sections – the Financial Privacy Rule, Safeguards Rule and Pretexting provisions – that detail the requirements that must be met in order to maintain compliance.

The GLBA applies to all financial institutions, including but not limited to:

  • Banks
  • Mortgage/Loan Brokers
  • Real Estate Appraisers
  • Debt Collectors
  • Tax Preparation Businesses and Accountants
  • Auto Dealers
  • Check-cashing Businesses and ATM Operators
  • Insurance Companies

In general, the GLBA applies

To all services associated with consumer loans, transferring or safeguarding money, providing credit counseling or other financial advice, collecting consumer debts, and an array of other financial activities, regardless of whether the institution providing the service is listed above.

What does this have to do with records management?

More than you may think.

Financial Privacy Rule

This rule regulates the collection and disclosure of financial information belonging to consumers, and requires relevant institutions to provide privacy notices at the time a consumer relationship is established, as well as annually after that.In relation to a records management strategy, financial institutions need to securely and efficiently distribute documents to their customers.

Safeguards Rule

This rule requires financial institutions to design, implement and monitor a safeguards program to protect consumer information. The program must describe how the company currently protects, and will continue to protect, their clients’ information from unauthorized disclosure, use, alteration or destruction.Given the challenges and risks associated with information processing, storage, transmission and retrieval, secure storage solutions and encrypted online interfaces are imperative to a compliant safeguards program.

Pretexting Provisions

These provisions prohibit the practice of pretexting (accessing private information through the use of false pretenses).By limiting and tailoring access levels, and tracking user activity, through a secure data repository, financial institutions can reduce instances of pretexting.

Background Image
Tony Skarupa

Information is your most valuable asset. It’s our passion.

Ready to take control of your information lifecycle? We handle documents for more than 30,000 businesses in North America. Let us help you handle yours.