How To Complywith thePrivacy of Consumer Financial Information Ruleof theGramm-Leach-Bliley Act
A Guide for Small Business from the Federal Trade Commission
July 2002
ABOUT THE GLB ACT
The Gramm-Leach-Bliley Act was enacted on November 12, 1999. Inaddition to reforming the financial services industry, the Act addressed concernsrelating to consumer financial privacy. The Gramm-Leach-Bliley Act required theFederal Trade Commission (FTC) and other government agencies that regulatefinancial institutions to implement regulations to carry out the Act’s financial privacy provisions (GLB Act). The regulations required all covered businesses to be in full compliance by July 1, 2001.The FTC is responsible for enforcing its Privacy of Consumer FinancialInformation Rule (Privacy Rule). Anyone who uses this Guide should also reviewthe Privacy Rule, found at 16 C.F.R. Part 313 (May 24, 2000). The Privacy Rule,along with this Guide and other GLB Act materials, are available online at theFTC’s homepage,www.ftc.gov, under the heading“Gramm-Leach-Bliley Act Financial Privacy and Pretexting.”
-i-
TABLE OF CONTENTSINTRODUCTION
............................................................1I. WHO IS COVERED BY THE PRIVACY RULE.................................2Are you a financial institution?.............................................2Do you have consumers or customers?.......................................3What information is covered?..............................................4Businesses That Receive NPI from Nonaffiliated Financial Institutions..............6II. YOUR OBLIGATIONS UNDER THE PRIVACY RULE...........................6Privacy Notices.........................................................6Who Gets a Privacy Notice?...............................................6Customers........................................................6Consumers Who Are Not Customers...................................7The Contents of the Privacy Notice..........................................7The Appearance of the Privacy Notice.......................................8Safeguarding NPI........................................................8Delivering Privacy Notices................................................8Opt-Out Notices.........................................................9General Obligations................................................9Exercising the Opt-Out Right........................................9The Shelf Life of an “Opt-Out” Direction...............................9Summary Of Notice Requirements.........................................10Exceptions............................................................10Exceptions to the Notice and Opt-Out Requirements.....................10Exception to the Opt-Out Requirement: Service Providers andJoint Marketing............................................11
of 00
US Federal Trade Commission: glblong
65 Reads
Info and Rating
| Category: | Uncategorized. |
| Rating: | |
| Upload Date: | 01/21/2008 |
| Copyright: | Attribution Non-commercial |
| Tags: |
Leave a Comment