NEW TO GLBA COMPLIANCE?
What businesses need to know
GLBA, originally passed in 1999, has long set the standard for how the financial industry handles nonpublic personal information (NPI) about finances. Recent updates to the Safeguards Rule requires additional data governance protections.
New Safeguards Rule
With this rule, the FTC added additional requirements for businesses to track data retention periods, ensure secure disposal of data, and to report to their board of directors on data footprint and information security.
Definition of financial institution
With the new Safeguards Rule the FTC expanded the definition of financial institution to include those engage in activities “incidental to financial activities,” such as “finders” who bring together buyers and sellers of a service.
GLBA and other privacy laws
While state privacy laws provide some exemptions for specific data covered by the GLBA, companies should not conflate this with a blanket exception. Any information collected for purposes other than financial ones (e.g. advertising, tracking, etc.) is subject to state privacy law requirements.
DATA GOVERNANCE REQUIREMENTS
Find sensitive data, wherever it lives
Managing and securing your company’s data to comply with GLBA and the new Safeguards Rule starts with visibility.
Transcend Data Mapping natively connects across your tech stack to find and classify structured and unstructured data to give you complete visibility. Easy-to-use reporting interfaces let you assign data owners, document purposes of processing and retention periods, and much more.
SECURE BY DESIGN
Data governance without infrastructure exposure
We use a zero trust framework-you keep your API keys and sensitive data fully end-to-end encrypted and Transcend never sees it. We’re committed to providing the strongest security controls in the industry to help keep you in compliance with the requirements of PCI DSS, PSD2, SOX, as well as GLBA’s Safeguards Rule.
PRECISION DATA OPERATIONS
Seamless regulation-specific governance
The personal and financial data you collect is nuanced and subject to different requirements. Transcend’s advanced configurability provides detailed precision to manage nuanced use cases. For example, specify a workflow to honor Do Not Sell for California residents within the guardrails of GLBA data.
COMPLIANCE WITHOUT COMPLEXITY