Banking Regulators Issue Data Breach Rules

Share this content:
Four federal agencies responsible for regulating financial institutions issued new rules last week regarding breaches of personal information.


The Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency and the Office of Thrift Supervision jointly announced the rules March 23. They also released a 66-page guidance document, "Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice."


Effective immediately, the rules mandate that financial institutions implement a response program to address security breaches of personally identifiable customer information, including notification of consumers when substantial harm or inconvenience is likely.


After assessing the situation, "If the institution determines that misuse of its information about a customer has occurred or is reasonably possible, it should notify the affected customer as soon as possible," according to the guidance.


Regardless of whether consumer notification is warranted, institutions must notify their primary federal regulator of all security breaches involving sensitive customer information under the rules. However, notification may be delayed for law enforcement purposes.


Though the rules do not apply to ChoicePoint, LexisNexis or other data companies that have suffered breaches recently, they do apply to Bank of America. The financial institution made news in late February when it said that some of its computer data tapes containing personal and account information for 1.2 million federal government charge card program customers were lost during shipment to a backup data center.


Kristen Bremner covers list news, insert media, privacy and fundraising for DM News and DMNews.com. To keep up with the latest developments in these areas, subscribe to our daily and weekly e-mail newsletters by visiting www.dmnews.com/newsletters


Loading links....

Sign up to our newsletters

Company of the Week

We recently were named B2B Magazine's Direct Marketing Agency of the Year, and with good reason: We make real, measureable, positive change happen for our clients. A full-service agency founded in 1974, Bader Rutter expertly helps you get the right message to the right audience at the right time through the right channels. As we engage our clients' audiences along their journey, direct marketing (email, direct mail, phone, SMS) and behavioral marketing (SEM, retargeting, contextual) channels deliver information relevant to the needs of each stage. We are experts at implementing and leveraging marketing technologies such as CRM and marketing automation in order to synchronize sales and marketing communications. Our team of architects and activators plan, execute, measure and adjust in real time to ensure the strategy is working as needed and change things if it's not.

Find out more here »

DMN's Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here