Gramm-Leach-Bliley Act Compliance

Searching for an IT Support Company that understands the Gramm-Leach-Bliley Act?

Getting and staying GLBA compliant can seem like a full-time job, and you’ve already got one of those!  You pride yourself on being part of a company that is detail-oriented. That level of care extends to your compliance efforts as well.  But it’s challenging trying to keep on top of it all at the best of times. It’s time to consider a partnership with an IT support company for GLBA compliance.

There are many IT support companies vying for your computing dollar.  Many of them talk the talk, but they haven’t yet walked the walk.  And you can’t afford to have them try out untested theories or personnel on your business.  When it comes to GLBA compliance, you need an IT support company with a proven track record of helping companies just like yours.

Your ideal IT fit is out there.  Now, it’s time to find them and add them to your team!


Let KalioTek assist you in maintaining GLBA compliance.

Areas we can include in our Managed Security Services are:

  • Managed Intrusion Prevention
  • Managed Firewall Security
  • Managed Email Security (AntiSpam, AntiVirus, Content Control)
  • Managed Email Encryption
  • Managed Web Security (Web Filtering, AntiVirus, AntiSpyware)
  • Managed Instant Messaging Security
  • Managed Compliance Monitoring
  • Vulnerability Scanning
  • Penetration Testing
  • System Event Management
  • Security Assessment Update and Status

What is GLBA (Gramm-Leach-Bliley Act) compliance?

The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, is an act that was passed by the United States Congress under the leadership of President Bill Clinton. Under United States federal law, the act requires all financial institutions to disclose how they use the consumer information they collect and to commit to securely storing and protecting that data.

To be fully compliant with the GLBA, each financial corporation must also disclose to all clients how it shares collected data, inform them that they have the right to opt out of third-party data sharing, and apply all required precautions to maintain customer data privacy. Each company is also responsible for custom designing a written information security plan outlining the precautionary measures invoked for data protection in its offices.

In support of the GLBA, the implications of failing to comply with the act are detailed in the Safeguards Rule. Additional privacy and security regulations are outlined in the FTC’s Privacy of Consumer Financial Information Rule, also known as the Privacy Rule. The penalties for failure to adhere to GLBA compliance standards can be quite severe.

The statutes of the GLBA are enforced by the FTC and other federal agencies and authorities.

Who needs to comply with GLBA compliance standards?

Under US federal law, all financial institutions are required to comply with GLBA standards.

What’s involved in becoming GLBA compliant?

Becoming GLBA compliant requires a thorough understanding of the Safeguards Rule.  The Safeguards Rule essentially focuses on the confidentiality and security of all nonpublic personal information.

Under the Safeguards Rule, each financial institution must provide a written information security plan that describes its handling of all confidential client information.

At its most basic, the Safeguards Rule requires the following from each financial institution:

  1. The designation of a program overseer
  2. The identification and assessment of potential risks
  3. The evaluation of current security measures
  4. The design and implementation of a safeguards program
  5. The frequent monitoring and testing of the company security program
  6. The selection of appropriate service providers
  7. The oversight of service providers’ handling of sensitive information
  8. The ongoing oversight and adjustment of the company program as necessary

The Safeguards Rule also places great emphasis on the importance of employee management and training, particularly as it applies to security testing, monitoring of safety protocols, and data protection, transmission, and storage.

Let’s get started! Contact KalioTek now at {phone} or {email}.  Let our team of experts take GLBA compliance off your hands for you!

KalioTek is the leading IT support company for GLBA compliance, serving the San Francisco Bay and Silicon Valley areas.
