TRENDING:

Regulators Issue Model Privacy Notice

Institutions to Adopt New Form by Jan. 1, 2010 Linda McGlassonNovember 18, 2009     The final model privacy notice form was released by eight federal regulatory agencies on Tuesday and is designed to help consumers understand how financial institutions collect and share personal information.

Under the Gramm-Leach-Bliley Act (GLB Act), institutions must notify consumers of their information-sharing practices and inform them of their right to opt out of certain sharing practices. The model form issued can be used by financial institutions to comply with these requirements.

The Financial Services Regulatory Relief Act of 2006 amended the GLB Act to require the agencies to propose a succinct and comprehensible model form that allows consumers to easily compare the privacy practices of different financial institutions, and has an easy-to-read font.

The agencies conducted extensive consumer research and testing in developing the model form that was issued, says Loretta Garrison, Senior Attorney in the Privacy and Identity Protection Division at the Federal Trade Commission, the agency that led the development of the model form.

The agencies asked and received public comments on the new model form and considered those comments in developing a model form that is easier for consumers to understand and use, Garrison says.

"This form is going to apply to broad range of institutions, and from the public comments we received we're expecting positive adoption and use of the form that will grow over time," Garrison says. While it is very early in the adoption process, Garrison notes that already some large and medium sized institutions have said they expect to begin using it immediately. A community banking association also told Garrison that it expects members to be adopting it, too.

The final rule provides that a financial institution that chooses to use the model form obtains a "safe harbor" and will satisfy the disclosure requirements for notices. The rule also removes, after a transition period, the sample clauses now included in the appendices of the agencies' privacy rules.

The final model privacy form was developed jointly by the Board of Governors of the Federal Reserve System, Commodity Futures Trading Commission, Federal Deposit Insurance Corporation, Federal Trade Commission, National Credit Union Administration, Office of the Comptroller of the Currency, Office of Thrift Supervision, and Securities and Exchange Commission.

Institutions will officially begin using it on January 1, or around then when the rule becomes effective, says Tony Rodriguez, an attorney in the FTC's Privacy and Identity Protection Division.

Previous
A Career in the Secret Service: What it Takes
Next
The Softer Side of Leadership - Heidi Kraft, Careers Coach

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.



Around the Network

Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.