IT Examiner School, Providence, RI

Information Security Program

CFR Part 314 of the FTC Rules and Regulations – Standards for Safeguarding Customer Information

• This part, which implements sections 501 and 505(b)(2) of the Gramm-Leach-Bliley Act, sets forth standards for developing, implementing, and maintaining reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information.

• This part applies to the handling of customer information by all financial institutions over which the Federal Trade Commission has jurisdiction.

• GLBA does not specify the categories of financial institutions subject to the FTC’s jurisdiction; rather, section 505(a)(5) vests the Commission with enforcement authority with respect to “any other financial institution or other person that is not subject to the jurisdiction of any [other] agency or authority [charged with enforcing the statute].”

• Financial institutions include lenders, financial advisors, loan brokers and servicers, collection agencies, tax preparers, real estate settlement services, and others that are subject to GLBA.
