![]() |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Compliance
Quick Links
Secure Information Sharing
White Papers CipherEngine Resource Center
Compliance Video
![]() Watch the video Contact Us
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Graham-Leach-Bliley Act (GLBA) Security ComplianceGLBA is designed to protect the financial private information of consumers. The law instructs financial institutions to secure and protect
private information from unauthorized use or access and updates the practice and policies for individual consumers to control the use of such data. GLBA was signed into law in 1999 with full compliance required by July 1, 2001.
How does CipherOptics help? CipherOptics CipherEngine enables Secure Information Sharing, which assures the confidentiality, authenticity, and integrity of data in motion on any network. Our approach to protecting both your network and your data is to deny access to everyone, permit by exception. With that as our driving force, our solutions provide you with both encryption and authentication of all your critical information. We use 256-bit AES encryption that is approved by the government for "sensitive but unclassified" information; our solutions authenticate networks and packets, as well as, protect data. Using the robust secure hash algorithm (SHA-1) to verify the integrity of the data, rejecting any packets that have been manipulated or altered. CipherEngine offers a reliable and proven method of ensuring GLBA requirements for data confidentiality, integrity, and authentication. They are an essential part of best practices to meet GLBA compliance. What does CipherOptics do? CipherOptics is the leader in network-wide encryption. Offering an innovative policy and key management solution, coupled with high speed, low latency encryption technology, CipherOptics helps their customers mitigate the risk of data leakage, loss and theft over any network. Who is affected by GLBA? GLBA's requirements affect U.S. financial institutions such as banks, credit unions, securities brokerages, and insurance firms. Companies providing the following other types of financial products and services to consumers are also affected: lending, brokering or servicing any type of consumer loan, transferring or safeguarding money, preparing individual tax returns, providing financial advice or credit counseling, providing residential real estate settlement services, collecting consumer debts, and so on. What are the requirements of GLBA? Title V of GLBA requires:
What are the penalties for GLBA non-compliance? The GLBA gives authority to eight federal agencies and the states to administer and enforce the Financial Privacy Rule and the Safeguard Rule. Non-compliance of GLBA can result in a variety of fines and up to 5 years imprisonment for each violation. Violation of the GLBA may result in a civil action brought by the United States Attorney General. A 2003 amendment to the act specified, (1) "the financial institution shall be subject to a civil penalty of not more than $100,000 for each such violation," and (2) "the officers and directors of the financial institution shall be subject to, and shall be personally liable for, a civil penalty of not more than $10,000 for each such violation." How do companies comply with GLBA? While most financial services firms are informing their customers of the company's privacy policy, fewer have the strong data protection measures in place to secure the personal information. The Safeguards Rule requires companies to develop a written information security plan that describes their program to protect customer information. The FTC explicitly notes that part of the plan should include "encrypting sensitive customer information when it is transmitted electronically via public networks." To meet the spirit and letter of the law, companies must:
Helpful Resources GLBA Title V, Subtitle A: Disclosure of Nonpublic Personal Information GLBA's Financial Privacy Rule (Overview) GLBA's Safeguards Rule (Overview) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Copyright 2002-2008 CipherOptics, Inc. | All rights reserved | 1-877-878-6655 Trademark and Legal Notices | Privacy Policy | Site Map |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
||||||||||||||||||||||||||||||||||||||||||||||||||||