The Safeguards Rule was recently amended to provide more specific guidance on what constitutes a reasonable information security program. The revised rule includes new requirements for risk assessment, encryption, multi-factor authentication, incident response, and reporting, among others.
The Safeguards Rule was recently amended to provide more specific guidance on what constitutes a reasonable information security program. The revised rule includes new requirements for risk assessment, encryption, multi-factor authentication, incident response, and reporting, among others. In October 2023, the FTC announced revised provisions related to reporting data breaches and security incidents. Businesses were given six months to prepare for these changes. As of May 13, 2024, these changes are now in effect. Reference: Safeguards Rule notification requirement now in effect.Â
The updated Safeguards Rule requires financial institutions to notify the FTC as soon as possible, and no later than 30 days after discovery, of a security breach involving the information of at least 500 consumers. The Rule defines an incident that triggers notification as an acquisition of unencrypted customer information without the authorization of the individual to which the information pertains.
The Safeguards Rule applies to a wide variety of entities that may have consumers’ confidential financial information. This includes businesses like mortgage lenders, payday lenders, finance companies, mortgage brokers, account servicers, check cashers, wire transferors, collection agencies, credit counselors and other financial advisors, tax preparation firms, non-federally insured credit unions, and investment advisors that aren’t required to register with the SEC. Reference: FTC Safeguards Rule: What Your Business Needs to Know.Â
Don’t wait until it’s too late. Contact us today to schedule a free consultation and learn how we can help you comply with the FTC Safeguards Rule.
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields
"*" indicates required fields