March 6, 2023–The Federal Trade Commission has released new regulations for data protections which have a deadline of June 9, 2023. The new regulations apply to a wide range of businesses.
Curious if your business needs to be aware or make changes? Let’s learn more about what the FTC does and what its new regulations entail.
What is the Federal Trade Commission’s Safeguards Rule?
The Safeguards Rule is a shortened name for the Federal Trade Commission’s Standards for Safeguarding Customer Information, which ensures entities covered by the Rule maintain safeguards to protect the security of customer information.
The Safeguards Rule requires financial institutions within the FTC’s jurisdiction to have proactive measures that protect customer information and keep it secure.
Who Does the Safeguards Rule Apply to?
“Financial institutions” has far-reaching meaning regarding the Safeguards Rule. Don’t assume you’re exempt if you’re not a CPA firm or a bank.
These industries and institutions are covered under the Safeguards Rule:
- Accountants
- CPAs / Tax preparation firms
- TPAs (Third-Party Administrators)
- Financial advisors
- Wire transferors
- Travel agencies operated in connection with financial service
- Mortgage lenders
- Payday lenders
- Finance companies
- Mortgage brokers
- Finance companies
- Account servicers
- Check cashers
- Collection agencies
- Investment advisors (ones that are not required to register with the SEC)
How Do I Maintain Compliance Under the FTC’s New Regulations?
The FTC requires financial institutions to have an information security program that is written and appropriate for the size and complexity of their business, the nature and scope of business activities, and the sensitivity of information handled by their business. The FTC Safeguards Rule aims to ensure the security and confidentiality of customer information, first and foremost. They also work to protect against unauthorized access and anticipated threats to the security or integrity of information.
To remain compliant, some businesses must change their existing security program or entirely create one if they don’t have one.
If you’re wondering if your business needs to make changes to your security program to maintain compliance, you should consider two items:
- Was your information security program updated within the last year?
- Has your business updated its information security program to reflect the revisions of the 2023 Rules?
A “no” answer to either of these items means your organization needs to look deeper at your cybersecurity plan. If you have questions about the changes you may need to make or need help to initiate the changes, Clarity Technology Group can help.
With experience working with financial institutions in the Greater Madison Area on their cybersecurity plans, we ensure that your systems, data, and even mobile devices are safeguarded from cyber criminals and their ever-evolving attacks to prevent security breaches. Get in touch with our team here.
For additional information on the FTC regulations changes, view this article.