Consumer Privacy & GLBA

Welcome to USW's GLBA Resource Center!

​

Understanding the Gramm-Leach-Bliley Act (GLBA)

The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, is a significant piece of legislation that plays a crucial role in regulating the financial industry. Enacted to enhance consumer privacy and promote competition among financial institutions, the GLBA imposes requirements on how institutions handle and protect nonpublic personal information (NPI) of their customers.

​

Key Provisions of GLBA:

1. Privacy Rule:

   • The GLBA Privacy Rule mandates financial institutions to disclose their privacy policies to customers, explaining how they collect, share, and safeguard NPI.

   • Customers have the right to opt-out of having their information shared with non-affiliated third parties.

2. Safeguards Rule:

   • The Safeguards Rule requires financial institutions to develop and implement comprehensive information security programs to protect customer information.

   • These programs must include risk assessments, safeguards to control identified risks, and regular monitoring and adjustment of the security program.

3. Pretexting Provisions:

   • GLBA addresses pretexting, which involves obtaining customer information through false pretenses. It prohibits the practice and establishes penalties for those who engage in pretexting.

​

Why GLBA Matters:

1. Consumer Privacy Protection:

   • GLBA prioritizes safeguarding consumers' sensitive financial information, instilling trust in financial institutions.

2. Risk Mitigation:

   • The Safeguards Rule aids in identifying and addressing potential risks to the security and confidentiality of customer information, reducing the likelihood of data breaches.

3. Legal Compliance:

   • Financial institutions are required to comply with GLBA to avoid legal consequences, including fines and reputational damage.

 

How our University Complies with GLBA:

1. Education and Training:

   • We prioritize educating our staff and students about GLBA regulations through training programs and resources.

2. Data Security Measures:

   • Our institution implements robust data security measures to protect sensitive information, following the guidelines set by GLBA.

   • We periodically assess service providers to ensure their commitment to safeguarding data.

3. Regular Audits and Assessments:

   • We conduct regular audits and assessments to ensure ongoing compliance with GLBA requirements and promptly address any identified issues.

   • We provide annual status reports of our security program to our Board of Trustees.

​

Resources for Further Information:

• Federal Trade Commission (FTC) - GLBA

• U.S. Department of Education - GLBA

​

At our university, we take GLBA compliance seriously, recognizing the importance of protecting the privacy and security of our community's financial information. If you have any questions or concerns about GLBA and our institution's practices, a USW staff member can direct you to our GLBA compliance team.

​

USW Designated Information Security Officer (ISO): Joshua Ford (jford1@usw.edu)