top of page

DIG this week's security tip

DOES THE NEW FTC SAFEGUARDS RULE AFFECT YOU?

Logo for the DIG's CYBER TIPS
DIG THIS CYBER TIP

The U.S. Federal Trade Commission (FTC) recently revised the “Safeguards Rule” to require non-banking financial institutions to develop, deploy and maintain a comprehensive security program to keep customer financial data safe.


The FTC’s definition of non-banking financial institutions essentially includes any organization that handles customer financial data and engages in transactions that use personal consumer information. Some of the affected organizations include:

Cyberattacks are on the rise and the FTC has updated their Safeguards Rule.
FTC Safeguards Rule


• Mortgage lenders and brokers

• Payday lenders

• Finance companies

• Automobile dealerships

• Collection agencies

• Tax preparation firms

• Credit counselors and other financial advisors

• Retailers that issue their own credit cards

• Non-federally insured credit unions

• Personal property or real estate appraisers

• Travel agencies in connection with financial services


Starting June 9th, the revised Safeguards Rule requires the identified organizations to:

• Designate a qualified person to oversee their information security program,

• Develop a written risk assessment,

• Limit and monitor who can access sensitive customer information,

• Encrypt all sensitive information,

• Train security personnel,

• Develop an incident response plan,

• Periodically assess the security practices of service providers, and

• Implement multi-factor authentication or another method with equivalent protection for anyone accessing customer information.


Cyberattacks are on the rise and we expect other industries will be adding similar requirements soon. To learn more about the Safeguard Rule, check out the FTC’s website.




5 views0 comments

Recent Posts

See All

Comments


bottom of page