This Friday (6/9), FTC Safeguards Rule Goes Into Effect!
The Federal Trade Commission updated its “Standards for Safeguarding Customer Information” (“Safeguards Rule”) and extended the compliance deadline to June 9, 2023. Some organizations still may be wondering – “Do these regulations apply to my business?” and “What do I have to do?”
Who Needs to Comply?
Mortgage lenders, mortgage brokers, motor vehicle dealers, payday lenders, finance companies, account servicers, check cashing companies, wire transferors, collection agencies, credit counselors and other financial advisors, tax preparation firms, non-federally insured credit unions, and investment advisors that aren’t required to register with the SEC.
What Needs to Be Done
- a designated, qualified person to oversee the company information security program,
- a written risk assessment,
- limit and monitor who can access sensitive customer information,
- encrypt all sensitive information,
- train security personnel,
- develop an incident response plan,
- periodically assess the security practices of service providers, and
- implement multi-factor authentication or another method with equivalent protection for anyone accessing customer information.
To comply with the Safeguards Rule, companies should start by conducting a risk assessment to identify their security vulnerabilities and develop a comprehensive information security program that includes administrative, technical, and physical safeguards. View our FTC Safeguards Starter Guide to learn more!
Need help with any of the Safeguard requirements? Schedule a Safeguards Compliance Assessment
The BMT team has the tools and expertise to make sure you’re compliant by the deadline and prepared to protect your customers’ financial information.
Time is running out to become FTC Safeguard Compliant!