DOES FTC SAFEGUARDS RULE APPLY TO MY BUSINESS?
Financial institutions are covered by the amended safeguards rule, which requires them to take measures to protect consumers’ personal information. The rule covers banks, credit unions, and other lenders, as well as broker-dealers, investment advisers, and mutual fund companies. In addition, the rule applies to companies that hold or process consumers’ personal information, whether a traditional financial institution or a “non-bank” financial institution such as auto dealers, payday lenders, or an online banking services provider. In short, if a company has access to consumers’ personal information, it must take steps to safeguard that information.
WHAT DOES THE FTC SAFEGUARDS RULE MEAN FOR MY BUSINESS?
December 9, 2022, is the compliance deadline for the new FTC Safeguards Rule. The rule requires auto dealerships, financial advisors, tax preparation firms, collections agencies and many more types of organizations to have a comprehensive information security program to protect customers’ personal information. While many organizations already have such programs in place, the new
regulations impose new requirements, such as conducting regular risk assessments and providing customers with annual notices of their rights under the rule. Failure to comply with the rule could result in significant fines from the FTC, so if you’re in a business covered under the FTC’s definition of “financial institution” (an entity is a “financial institution” if it’s engaged in an activity that is “financial in nature”), don’t let December 9, 2022, pass without having a written information security program. If you’re not ready for the new regulations to go into effect, getting some legal advice or talking to our cybersecurity is a good idea. This will help you understand the new rules and make sure you’re in compliance.
Read the full FTC.gov article here: https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-know