GLBA Compliance

With rapid changes in technology, such as advances in mobile and Web 2.0 solutions, protecting customer information continues to be a challenge. For example, GLBA compliance requires us to analyze the risks before moving customer information into emerging technology models such as voice over IP (VoIP) systems or cloud computing. Clearly, organizations would be well served to invest time and effort early in the process to identify and assess observable risks in any new technology that processes customer data. This is where InfoSight can help.

Section 501(b) of the Gramm-Leach-Bliley Act (GLBA) contains important provisions aimed at the protection of information including data in both electronic and non-electronic formats. Protecting information assets is necessary to establish and maintain trust between the financial institution and its customers, maintain compliance with the law, and protect the reputation of the institution. The primary goals of a GLBA Compliance Assessment are to:

• To ensure the security and confidentiality of customer records and information.
• To determine that the Bank has established an adequate written Information Security Program.
• To assess the quality of the Banks' compliance management policies and procedures for implementing the privacy regulation, specifically ensuring consistency between what the Bank tells consumers in it notices about its policies and practices and what it actually does.

Regardless of how little or how help much you need, InfoSight's compliance experts will provide the GLBA support you need to ensure compliance. Contact us today.

Complementary Services
IT Audit / Compliance Assurance Program
GLBA Risk Assessment
Enterprise Risk Management