Pub. 1 2011 Issue 4

15 I f you have not, we recommend taking steps to get in compliance immediately. If you have, it’s still important to periodically review and assess your program to ensure you remain in compliance. History President Clinton signed the Gramm-Leach-Bliley Act (“GLB Act”) into law on November 12, 1999. In addition to reforming the financial services industry, the GLB Act included provisions for how “financial institutions” should share and protect their customers’ non-public personal information. As a result of its passage, the GLB Act required the FTC and other government agencies that regulate financial institutions to implement regulations to carry out the GLB Act’s provisions. The regulations required all covered businesses to be in full compliance by July 1, 2001. The FTC first issued the Privacy of Consumer Fi- nancial Information Rule (“Privacy Rule”) to address provisions in the GLB Act about how customer infor- mation is shared. The Privacy Rule defines “consum- ers” and “customers” and deals with how you share information about customers who obtain or apply for credit or lease products from you. Following the Privacy Rule, the FTC then enacted the Safeguards Rule to address provisions in the GLB Act regarding how customer information is protected. The Safeguards Rule deals with how you protect infor- mation about your finance and lease customers. 1, 2, 3, 4 Who must comply with the Safeguards Rule The definition of “financial institution” includes The Federal Trade Commission (FTC) enacted Standards for Safeguarding Customer Information (“Safeguards Rule”) on May 23, 2003. By now, most dealerships should have implemented their information security programs and taken steps to ensure compliance with the Safeguards Rule. Q safeguards rule — continued on page 16 Protecting Your Customers’ Information: The Safeguards Rule