The Gramm-Leach-Bliley Act (GLBA, GLB Act, or the Financial Services Modernization Act of 1999) is a United States federal law requiring financial institutions to explain how they share and protect their customers' non-public personal information (NPI). The GLBA gives the following entities the ability to implement further regulations to ensure appropriate privacy provisions and security.: Consumer Financial Protection Bureau (CFPB) The Securities Exchange Commission (SEC) The Commodity Futures Trading Commission (CFTC) The Federal Trade Commission (FTC) Federal banking agencies Federal regulatory agencies State insurance oversight agencies
There are three major rules of the GLBA, designed to work together to govern the collection, disclosure, and protection of customers' non-public personal information (NPI), namely: The Financial Privacy Rule: Restricts the sharing of non-public personal information (NPI) about an individual and requires financial institutions to provide each consumer with a privacy notice at the start of the customer relationship and annually after that.
The GLBA Financial Privacy Rule restricts the sharing of non-public personal information (NPI) and requires customers to be given a privacy notice at the start of the customer relationship and every year after that.
In short, the Financial Privacy Rule provides a privacy agreement between the financial institution and the customer regarding the protection of their non-public personal information (NPI).