The Gramm–Leach–Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999 is an act of the 106th United States Congress.
RSA Archer provides authoritative source content for the following:
The Federal Trade Commission (the "Commission" or "FTC") published a final privacy rule, as required by Section 504(a) of the Gramm-Leach-Bliley Act, Pub. L. 106-102 (the "G-L-B Act" or "Act"), with respect to financial institutions and other persons under the Commission's jurisdiction, as set forth in Section 505(a)(7) of the Act. Section 504 of the Act requires the Commission and other federal regulatory agencies to issue regulations as may be necessary to implement notice requirements and restrictions on a financial institution's ability to disclose nonpublic personal information about consumers to nonaffiliated third parties. Pursuant to Section 503 of the G-L-B Act, a financial institution must provide its customers with a notice of its privacy policies and practices. Section 502 prohibits a financial institution from disclosing nonpublic personal information about a consumer to nonaffiliated third parties unless the institution satisfies various disclosure and opt-out requirements and the consumer has not elected to opt out of the disclosure. This final rule implements the requirements outlined above.
The Federal Trade Commission (''FTC'' or ''Commission'') issued a final Safeguards Rule, as required by section 501(b) of the Gramm-Leach-Bliley Act (''G–L–B Act'' or ''Act''), to establish standards relating to administrative, technical and physical information safeguards for financial institutions subject to the Commission's jurisdiction. As required by section 501(b), the standards are intended to:
- Ensure the security and confidentiality of customer records and information
- Protect against any anticipated threats or hazards to the security or integrity of such records
- Protect against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customer
This content is available in English only.
Mappings for GLBA to the RSA Archer Control Standard Library are available in the authoritative source content pack.
The source of this content is available here.
The GLBA authoritative source content is available with the use of the RSA Archer Policy Program Management, RSA Archer Controls Monitoring Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.
For Additional Support
To learn more about this content, please contact your Account Rep for additional details. To obtain this content or for technical support questions, please open a support case or contact RSA Archer at firstname.lastname@example.org for more information.