GLBA (aka “Glibba”) Gramm-Leach-Bliley Act
GLBA is a federal law enacted in the United States to control the ways financial institutions deal with the private information of individuals. The Act consists of three sections:
-
The Financial Privacy Rule, which regulates the collection and disclosure of private financial information
-
The Safeguards Rule, which stipulates that financial institutions must implement security programs to protect such information
-
Pretexting provisions, which prohibit the practice of pretexting or accessing private information using false pretenses
The purpose of the GLB Act is to ensure that financial institutions and their affiliates safeguard the confidentiality of personally identifiable information (PII) gathered from customer records in paper, electronic or other forms. The law requires affected companies to comply with strict guidelines that govern data security.
According to the law, financial institutions have an obligation to respect their customers' privacy and securely protect their sensitive personal information against unauthorized access.