The Federal Trade Commission (FTC) has revised the “Standards for Safeguarding Customer Information” (Safeguards Rule) under the Gramm-Leach-Bliley Act (GLBA). The Safeguards Rule is intended to strengthen data security to help protect your customers’ financial data. The Safeguards Rule applies to any business or entity that provides or facilitates financial services, including dealerships and other similar industries that gather customer financial data. The new guidelines were released on Dec. 9, 2021, giving those affected by the changes a year to comply with the new standards and objectives. Starting Dec. 9, 2022, amendments to the FTC Safeguards Rule require non-banking financial institutions to develop, implement, and maintain a comprehensive security system to keep customer information safe. Motor vehicle dealers constitute a “non-banking financial institution” for purposes of the Rule. Dealers must understand how these amendments may apply to their dealership before renewing or signing a new contract with a data security vendor. Personally Identifiable Financial Information (PIFI) The Revised Safeguards Rule applies to all customer information and includes any customers of other financial institutions that have shared information with you. The customer information protected under the Safeguards Rule applies to Personally Identifiable Financial Information (PIFI). PIFI does not simply include social security numbers and credit card information, but all transactions that might disclose a customer’s financial information. How Dealerships Can Comply With the Revised Safeguards Rule By Eide Bailly 20
RkJQdWJsaXNoZXIy ODQxMjUw