Gramm-Leach-Blilely Act

News & Analysis as of

The CFPB and Data Security Enforcement

The Consumer Financial Protection Bureau (CFPB) announced its intention to act as a data security regulator by releasing its first unfair, deceptive or abusive acts or practices (UDAAP) enforcement action for allegedly...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

The Paper Trail: The Potential Data-Breach Sitting in your Printer

In April 2016, the sensitive personal medical information of NFL players was stolen from the car of a trainer who had left the files in a backpack in his locked car. In 2014, Safeway, Inc. settled charges brought by the...more

Tennessee Legislature Amends Data Breach Notification Statute - Encryption is No Longer an Automatic Safe Harbor

On March 24, 2016, Governor Haslam signed S.B. 2005 which amends Tennessee's data breach notice statute. The amended statute will go into effect on July 1, 2016. The new Tennessee breach notice requirements are triggered by...more

NAIC Task Force Continues Work on Insurance Data Security Model Law

On May 24 and 25, the National Association of Insurance Commissioners (the NAIC) Cybersecurity (EX) Task Force (the Task Force) hosted a meeting in which state insurance commissioners and interested parties were invited to...more

FTC Staff Tackle FCC Privacy Rules in Public Comment

As the Federal Communications Commission sifts through over 50,000 comments received in response to its proposed broadband privacy rules, the Federal Trade Commission’s comments are likely to stand as a highlight. In a...more

Ransomware: Electronic Extortion for a Digital Era

Last month, the FBI asked the American Bar Association to share a cyberalert with its members warning of an increased risk of ransomware. Ransomware poses significant legal and operational risks to businesses. Personnel at...more

NAIC Report: 2016 Spring National Meeting

The National Association of Insurance Commissioners (NAIC) held its 2016 Spring National Meeting from April 1 through April 6 in New Orleans, Louisiana. As host, Louisiana provided beautiful weather and bountiful great food....more

Illinois Enacts Sweeping Changes to the Illinois Personal Information Protection Act

On May 6, 2016, Illinois joined a growing number of states that have strengthened their data breach notification requirements and expanded the definition of protected personal information. Effective January 1, 2017, HB1260...more

Sensitive Information: How Insurance Producers Can Protect Consumer Privacy

Introduction. Insurance sales may be conducted using entirely impersonal tools. An insurance consumer may fill out a form on an internet web site, and through automated systems have a policy of insurance issued without any...more

Tennessee’s Data-Breach Notice Requirements Among the Nation’s Toughest

On July 1, 2016, Tennessee’s new notice requirements for breaches of data security systems which compromise an individual’s personal information will take effect. The amendments to Tennessee’s current rules, found at T.C.A....more

Illinois Makes Extensive Changes to Data Breach Notification Law

On May 6, 2016, Illinois Governor Bruce Rauner signed HB1260, which significantly updates the state’s Personal Information Protection Act. The changes take effect on January 1, 2017. When the new law becomes effective,...more

Cyber Security

Roughly one million pieces of malware—computer viruses or malicious software—are released every day. In recent years, we’ve witnessed an unprecedented level of activity in the cyber arena, both in the form of increased...more

OPT-IN vs. OPT-OUT

As technology continues to make it easier for businesses across the globe to collect, maintain, and use personally identifiable information (“PII”), securing PII has become increasingly important. For most businesses, having...more

Financial Institutions Spend More on Cybersecurity

Financial institutions have been at the forefront of protecting their customers’ personal information, including names, addresses, phone numbers, account numbers, Social Security numbers, income, and credit histories. The...more

Privacy & Cybersecurity Newsletter: April 2016

What seems like a long time ago now, in 2011 PricewaterhouseCoopers (PwC) warned that “there is no question that law firms are among the companies being targeted by cyber criminals.” Despite this, many law firms believed (or...more

New Proposed Rules on Banker Incentive Compensation Released

The National Credit Union Administration, or NCUA, became the first of six Agencies to unveil a revised rule proposal under Section 956 of the Dodd-Frank Act: prohibiting incentive-based payment arrangements that the...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

Privacy Implications of CISA for Financial Institutions

Financial institutions are attractive targets for cyber attacks due to their collection of private customer and economic information. In order to help the private sector respond more effectively to cyber attacks, President...more

Top 10 Financial Institution Considerations for 2016: #5 – Marketplace Lending

In our initial article announcing our top 10 considerations for financial institutions in 2016, our fifth consideration was marketplace lending. Just as the U.S. government and banking agencies have focused efforts to...more

Top 10 Financial Institution Considerations for 2016: #4 – Data Security and Privacy

In our initial article announcing our top 10 considerations for financial institutions in 2016, our fourth consideration was data security and privacy. While the recent focus has been on cybersecurity, it is important to...more

Lesson in the history of the Gramm-Leach Bliley privacy protections: Victoria’s Secret started it all

Did you know that a Victoria’s Secret catalog is one of the top reasons that Congress included privacy protections in the Gramm-Leach Bliley Act (GLB Act)? The GLB Act protects consumers’ financial information and requires...more

CFPB Initiates Its First Data Security Enforcement Action

The Consumer Financial Protection Bureau (CFPB) has announced its first data security enforcement action. Since the 1990s, the Federal Trade Commission (FTC) has primarily taken on the role as the de facto federal regulator...more

Developments in Cybersecurity: Privacy Laws, Hacking Beyond Customer Data, and Communicating with Corporate Boards

I. Legal Exposure to Federal and State Privacy Laws - A. Federal Statutes and Enforcement - 1. Federal Trade Commission Act, 15 U.S.C. §§ 41-58 - The Federal Trade Commission (FTC) has emerged as the leading...more

FDIC "Framework for Cybersecurity" Highlights How Financial Institution Information Security Programs Can Better Respond to...

In February, 2016, the Division of Risk Management Supervision of the Federal Deposit Insurance Corporation (“FDIC”) published “A Framework for Cybersecurity.” The article provides a good “sanity check” for financial...more

127 Results
|
View per page
Page: of 6
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×