Magazine article Security Management

Regulatory Issues. (Legal Reporter)

Magazine article Security Management

Regulatory Issues. (Legal Reporter)

Article excerpt

Privacy. The Federal Trade Commission (FTC) has issued a final rule that sets standards for the technical and physical security standards that financial institutions must enact to protect customer information. The standards take effect May 2003.

The standards are mandated by the Gramm-Leach-Bliley Act of 1999 and are designed to ensure the security of customer records, defend against anticipated threats, and protect against unauthorized access.

The FTC rule requires that financial institutions implement an information security program and update that program regularly to respond to new threats or to adjust procedures to new technology. In addition, all financial institutions are required to designate at least one employee to oversee its information security program. Each company may determine whether to assign additional employees to handle different subsidiaries.

The rule allows organizations to outsource security functions as long as a company employee ensures that the functions are carried out correctly. (The rule makes it clear that this provision neither creates nor limits liability for financial institutions. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.