Privacy Newsletter: FTC Issues Rule for Safeguarding Customer Information
6/1/2002
Financial institutions under the Federal Trade Commission's (FTC's) jurisdiction have until May 23, 2003 to comply with the agency's final rule for safeguarding customer information. The Safeguards Rule requires financial institutions to develop, implement and maintain reasonable administrative, technical and physical safeguards for the protection of customer information. The Safeguards Rule also requires that institutions designate an employee to coordinate the program and run risk assessments, that institutions regularly test or monitor the effectiveness of key aspects of their information security programs, and that they contractually bind third-party service providers to implement and maintain the appropriate safeguards for customer information.
