Gramm-Leach-Bliley Act Compliance

Establish information security programs that will protect customers’ personal financial data

To be compliant with the Gramm-Leach-Bliley Act (GLBA), financial institutions must communicate to their customers how they share their sensitive information, inform customers of their right to opt out if they prefer that their personal data not be shared with third parties, and apply specific protections to customers’ private data according to a written information security plan created by the institution.

Many organizations such as check cashing businesses, mortgage brokers, real estate appraisers, professional tax preparers and other businesses are surprised to learn that they qualify as financial institutions under GLBA. These businesses are significantly involved in providing financial products and services, so they must disclose to their customers how they share and protect private information.

Does your organization have the internal controls in place to protect consumers’ personal financial information? Passing a GLBA risk assessment requires demonstrating, with evidence, that the controls mandated by the requirements are actually in place.

Skoda Minotti Risk Advisory Services focus on developing a practical approach to GLBA compliance to help you efficiently and effectively manage customer privacy. Our experienced professionals guide you through the process, beginning with an initial information security review. We identify risks, prioritize controls and implement an information security program that adheres to GLBA requirements.

Assessing IT Risks for GLBA Compliance

Our trained advisors provide a full complement of information security services to ensure your organization can pass a GLBA assessment. Your integrity depends on maintaining the trust of your customers, so we help design a program that protects private information.

  • Information Security Review: We examine your policies and procedures, and take stock of your organization’s technology and physical security.

  • Social Engineering Test: This test imagines the worst-case scenario and identifies how attackers could compromise your security so you can understand where you need to add greater protection.

  • External Penetration Test: We use in-house developed technology to mirror a security attack so we can reinforce weak systems.

  • iScan: We work hard to perform our tasks without disrupting normal business activities. iScan enables us to remotely scan your entire network for vulnerabilities, including patch management and port scanning.

For more information about GLBA Compliance at Skoda Minotti, please complete the form below or call Joseph Compton at 440-449-6800.

Joseph Compton
CISSP, CISA, QSA, CICP
Principal
