The Gramm-Leach-Bliley (GLBA) Act of 1999 requires all financial institutions to design, implement, and maintain safeguards to protect the confidentiality and integrity of the personal information of their customers.

This includes information such as their names, address, phone numbers, bank information, credit histories, and Social Security numbers.

GLBA gives authority to eight federal agencies and the states to administer and enforce the Financial Privacy Rule and the Safeguards Rule.

These two regulations apply to “financial institutions,” which include not only banks, securities firms, and insurance companies, but also companies providing many other types of financial products and services to consumers. Among these services are lending, brokering, or servicing any type of consumer loan, transferring or safeguarding money, preparing individual tax returns, providing financial advice or credit counseling, providing residential real estate settlement services, collecting consumer debts, and an array of other activities.

The Financial Privacy Rule governs the collection and disclosure of customers’ personal financial information by financial institutions. It also applies to companies, whether or not they are financial institutions, who receive such information.