In September 2008, I received one of those notices that you hear about but never think will happen to you. It was a letter from my mortgage lender to let me know that an “employee may have sold unauthorized personal information to third parties”. In short, there had been a data breach at the company.
Unfortunately, my story is not unique. Millions of consumers have had their privacy put at risk by financial institutions. The difference between the safety some companies promise on paper and what happens in practice puts a dent in consumer confidence. Every month since I got the notice, I have spent extra time reviewing every bank statement. It is not only concerning, it is inconvenient to be on high alert.
Financial services companies under the jurisdiction of the Federal Trade Commission are subject to the provisions of the FTC Safeguards Rule. Under the rule, every company needs to ensure an effective information security program.
When I opened my account, my mortgage lender gave me a privacy policy as required by federal and California law. However, the information security policy was only good on paper. Like a one-legged stool, it did not hold up in practice.
Financial information security has a better chance of success if it includes the following three main factors:
1. Risk: The plan needs to identify and anticipate internal and external threats to the integrity of customer data. Financial information security requires proactive planning for real and potential vulnerabilities. Risk assessment is an effective tool for such a policy.
2. Accurate Compliance Language: The growing incidence of data breaches shows that some companies are not honoring their declared compliance obligations. The policy document that clients receive must reflect the exact language go. However, financial information security based on realistic expectations stands a better chance of success than one written in pretentious legal terms.
3. Governance: Obviously, governance is a function of the size of the company. There is hardly a lack of hierarchy and titles in large companies. However, the point of compliance governance is: who is in charge? Financial information security is more likely to succeed with effective governance where responsibility and coordination.
The problems of identity theft and fraud make information security a big deal for everyone. Customer confidence is based on data security. It is good for business. It’s the law. It requires an effective platform that includes the key elements of risk management, compliance and administration.