Hands-On Steps
1. From your computer workstation, create a new text document called GLBA Lab #5.
2. Review the GLBA using Wikipedia’s summary (http://en.wikipedia.org/wiki/Gramm%E2%80%93Leach%
E2%80%93Bliley_Act). For each of the following areas—many listed in Wikipedia’s outline—note the
most relevant information in your text document:
a. Legislative history
b. Changes caused by the act
c. Remaining restrictions
d. Financial Privacy Rule
i. Financial institutions defi ned
ii. Consumer vs. customer defi ned
iii. Consumer/client privacy rights
e. Safeguards Rule
f. Pretexting protection
g. Information Security Safeguards, including Guidelines for Providing Secure Data Transmission and
Guidelines for Secure Disposal of Customer Information
3. Research Financial Activities that are covered by GLBA.
4. Research how to handle non-public personal information (NPI) and the GLBA guidelines regarding the
proper security for this data. Examples of NPI include:
• Social Security number (SSN)
• Financial account numbers
• Credit card numbers
• Date of birth
• Name, address, and phone numbers when collected with fi nancial data
• Details of any fi nancial transactions
In your text document, discuss the requirements for handling non-public personal information and
the GLBA guidelines regarding the proper security for this data.
5. Research the enforcement of GLBA, including:
• The Federal Trade Commission (FTC) may bring an administrative enforcement action against any
fi nancial institution for non-compliance with the Safeguards Rule
• Penalties for violating the Safeguards Rule would likely include equitable damages caused by the
loss of privacy, for example, a breach of security resulting in an identity theft
6. Write an executive summary that summarizes how you would go about gathering and obtaining information
needed to perform a GLBA Financial Privacy and Safeguards rules compliance audit for the
seven domains of a typical IT infrastructure.
7. Submit the text document to your instructor as a deliverable for this lab.
0 comments