The Safeguard Rules

The Safeguard Rules are for all businesses regardless of their size.  If you are a business that is involved significantly in providing financial products or services, you must follow these Safeguard Rules by law.  Companies such as credit reporting agencies or ATM operators are not excluded because they receive customer’s information.

These rules ought not to be a burden to you as a financial institution because if you care about your customers, then you should be glad to have these safeguards set up so that you can help provide a sense of security and trust between you and the customer.  

As a business that adheres to the safeguard rules, there a few steps that you should take to enhance the security of your business.

1. First of all, make sure that the information security program is appropriate for your business and it’s size.  It is your responsibility to keep up with all the latest technology, and know how to protect your information against all the latest fraud tactics.

2. Conduct a thorough risk assessment to see where your company would stand if it was attacked by an identity thief.  The assessment includes areas of operation, administrative, technical, and physical.  Plan to take action quickly after the assessment because the information could be used negatively in court if you were attacked and the weakness that was revealed in the assessment was the reason why your data could be breached.

3. It is important that each employee trained in these areas.  It is your responsibility as a business to check the references and backgrounds of all your employees, as well as require a confidentiality agreement to be signed.  In addition, you should use passwords on your employee computers to track their work, and don’t forget to erase passwords of terminated employees.

For more information about these Safeguard Rules, you can visit the Federal Trade Commission website at www.ftc.gov.  There, you will also find videos and other helpful resources to help you in making sure your customer’s information stays secure.

You should be aware that Congress is continually trying to keep up with the information age and help keep individuals protected.  Therefore, the Gramm-Leach-Bliley Act is continually changing.  You must keep up with the changes in the Federal agencies as well as the state laws, and as the laws progress, so must your company in keeping your information secure.