Effective Date Set for Amendments to Customer Information "Safeguards Rule"
The FTC set an effective date of May 13, 2024 on amendments to the "Standards for Safeguarding Customer Information" rule. The final rule requires financial institutions to report "any notification event where unencrypted customer information involving 500 or more consumers is acquired without authorization." The final rule was published in the Federal Register.
According to the FTC, financial institutions must include in their reports of notification events: (i) contact information of the reporting financial institution, (ii) a description of the information involved in the event, (iii) the dates surrounding the event, if possible, (iv) the number of customers affected and (v) a description of the event, including whether any law enforcement official has communicated to the financial institution that making the event known to the public could impede a criminal investigation or threaten national security.
Related Articles
-
An FTC final rule to strengthen data security measures to further protect consumer financial data goes into effect on January 10, 2022. Certain provisions are extended until December 9, 2022 to allow financial institutions more time to modify their information security programs to comply with the new requirements.
-
The FTC adopted amendments to its Standards for Safeguarding Customer Information to strengthen the data security measures that financial institutions must implement to protect consumer financial data.
