Thank you for sharing!

Your article was successfully shared with the contacts you provided.

<p>WASHINGTON-The Federal Trade Commission (FTC) issued a final rule concerning safeguarding customer information as required under the Gramm-Leach-Bliley Act. The rule covers non-federally insured credit unions and Credit Union Service Organizations (CUSOs) that do not fall under NCUA’s purview but also permits those credit unions to comply with NCUA’s Guidelines for Safeguarding Member Information to be in compliance for FTC’s purposes. CUNA had lobbied hard for this provision. “The Commission does not intend to impose undue burdens on entities that already are subject to comparable safeguards requirements,” the reg reads. “In particular, the Commission envisions that any entity that can demonstrate compliance with the Banking Agency Guidelines (including the substantively identical NCUA Guidelines) will also satisfy the Rule.” The rule becomes effective May 22, 2003, but for contracts between financial institutions and service providers, the institution has until May 24, 2004, to bring those providers into compliance, if the contract was in place before June 24, 2002. The final rule requires the creation of a written information security program including certain basic elements, subject to size and complexity of the institution including: 1. designating an employee or employees to coordinate its information security program in order to ensure accountability and achieve adequate safeguards. 2. identifying `reasonably foreseeable’ internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction or other compromise of such information, and assess the sufficiency of safeguards aimed at controlling these risks. 3. designing and implementing information safeguards to control the risks identified through risk assessment, and regularly test or otherwise monitor the effectiveness of the safeguards’ key controls, systems, and procedures. 4. taking reasonable steps to assure itself that its current and potential service providers maintain sufficient procedures to detect and respond to security breaches, and (2) maintain reasonable procedures to discover and respond to widely-known security failures by its current and potential service providers; and 5. evaluating and adjusting its information security program from results of testing and monitoring required by provision number 3 any material changes to its operations or business arrangements; or any other circumstances that you know or have reason to know may have a material impact the program. In the future, FTC plans to issue materials to help identify risks and aid compliance with the rule. [email protected]</p>

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
  • Exclusive discounts on ALM and CU Times events.
  • Access to other award-winning ALM websites including Law.com and GlobeSt.com.

Already have an account?


Credit Union Times

Join Credit Union Times

Don’t miss crucial strategic and tactical information necessary to run your institution and better serve your members. Join Credit Union Times now!

  • Free unlimited access to Credit Union Times' trusted and independent team of experts for extensive industry news, conference coverage, people features, statistical analysis, and regulation and technology updates.
  • Exclusive discounts on ALM and Credit Union Times events.
  • Access to other award-winning ALM websites including TreasuryandRisk.com and Law.com.

Already have an account? Sign In Now
Join Credit Union Times
Live Chat

Copyright © 2022 ALM Media Properties, LLC. All Rights Reserved.