March 3rd, 2022

Protecting Non-Public Personal Information - WST

Back in 1999, when Michael Jordan was enjoying his second retirement and everyone was freaking out about Y2K, Congress passed the Gramm-Leach-Bliley Act (GLBA), which ensured the safeguarding of consumer non-public personal information (NPI). The GLBA dictates what consumer information is protected, your institution’s ability to limit the sharing of that information, and how and with whom financial institutions can share the information, including with other affiliates. Some institutions, depending on the amount of information they share, must allow a consumer to opt out of that information sharing.

Similarly, another regulation for protecting consumer non-public information is the 1978 Right to Financial Privacy Act (RFPA), which establishes procedures that federal government authorities must follow in order to obtain information from a financial institution.

Finally, another mechanism used to ensure privacy of consumer information, for more delicate transactions, is the trusty Non-Disclosure Agreement, which has proven to be a useful tool in securing consumer non-public personal information.

If you’d like more information about compliance and ensuring your institution is meeting GLBA or other regulatory requirements, please reach out to our Compliance staff or anyone at 10-D Security. You can also read more about the hypotheticals of data loss and protecting NPI in the accompanying blog post at

Authored by: Josh Mourning, CCBP and Mike Smith, AWS CCP
