Which U.S. federal law specifically requires financial institutions (including banks, mortgage companies, and other commercial lenders) to develop, implement, and maintain a written information security program to safeguard customers' nonpublic personal information under its Safeguards Rule?
Health Insurance Portability and Accountability Act (HIPAA)
The Gramm-Leach-Bliley Act (GLBA) contains the Safeguards Rule, which obligates financial institutions to create and maintain a comprehensive information security program protecting the confidentiality and integrity of customers' nonpublic personal information. HIPAA governs protected health information in the healthcare sector, GDPR is a broad European privacy regulation covering many organizations, and the Sarbanes-Oxley Act focuses on financial reporting controls for public companies. None of these impose the specific Safeguards Rule on commercial lenders that GLBA does.