What are banks required to do under the Gramm-Leach-Bliley Act (GLBA)?
What are banks required to do under the Gramm-Leach-Bliley Act (GLBA)?
Under the Gramm-Leach-Bliley Act (GLBA), banks are required to offer an opt-out option before transferring Personal Information (PI) to an unaffiliated third party for the latter’s own use. This ensures that consumers have the opportunity to restrict the dissemination of their nonpublic personal information (NPI) to third parties who are not affiliated with the financial institution.
D. Offer an Opt-Out before transferring PI to an unaffiliated third party for the latter’s own use Section 502 describes “Obligations with Respect to Disclosures of Personal Information.” The GLBA requires that financial institutions share their privacy policies and practices with consumers in writing. Also, if the financial institution wants to share consumer nonpublic personal information(NPI) with nonaffiliated third parties, "the financial institution must give consumers the right to opt-out from the information sharing".
What is a nonaffiliated third party? A party that is not related by common ownership or corporate control. Under the GLBA, financial institutions must give consumers and customers a privacy notice with opt-out rights if they want to share nonpublic personal information with nonaffiliated third parties.
The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.
Financial institution may share any information it has with its” AFFILIATED “companies and joint marketing partners, which are other financial institutions with whom the entity jointly markets a financial product or service Provided – Privacy notice standard is met What information the financial institution collects about its consumers and customers? With whom it shares the information? How it protects or safeguards the information? An explanation of how a consumer may opt out of having their information shared through a reasonable ‘OPT-OUT’ process
D. Offer an Opt-Out before transferring PI to an unaffiliated third party for the latter’s own use In addition, other than for defined exceptions, a financial institution may also share consumer information with non-affiliated companies and other third parties, but only after disclosing’ information-sharing practices ‘ to customers and providing them with the opportunity to ’ OPT OUT ’.