Which U.S. federal law specifically requires financial institutions (including banks, mortgage companies, and other commercial lenders) to develop, implement, and maintain a written information security program to safeguard customers' nonpublic personal information under its Safeguards Rule?
Sarbanes-Oxley Act (SOX)
General Data Protection Regulation (GDPR)
Health Insurance Portability and Accountability Act (HIPAA)
The Gramm-Leach-Bliley Act (GLBA) contains the Safeguards Rule, which obligates financial institutions to create and maintain a comprehensive information security program protecting the confidentiality and integrity of customers' nonpublic personal information. HIPAA governs protected health information in the healthcare sector, GDPR is a broad European privacy regulation covering many organizations, and the Sarbanes-Oxley Act focuses on financial reporting controls for public companies. None of these impose the specific Safeguards Rule on commercial lenders that GLBA does.