{"id":51049,"date":"2023-06-08T08:23:41","date_gmt":"2023-06-08T12:23:41","guid":{"rendered":"https:\/\/insi.net\/?p=51049"},"modified":"2023-06-08T08:23:41","modified_gmt":"2023-06-08T12:23:41","slug":"glba-best-risk-assessment-program","status":"publish","type":"post","link":"https:\/\/insi.net\/insi-articles\/glba-best-risk-assessment-program\/","title":{"rendered":"GLBA Best Risk Assessment Program"},"content":{"rendered":"
[et_pb_section fb_built=”1″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_row _builder_version=”4.16″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” min_height=”1809px” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ custom_padding=”|||” global_colors_info=”{}” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.16″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” min_height=”1701px” global_colors_info=”{}”]<\/p>\n
Do you need a GLBA best risk assessment? <\/span><\/p>\n What is a Gramm-Leach-Bliley Act (GLBA) Risk Assessment? The bill aims to protect clients’ private information by requiring insurance companies, commercial banks, and investment banks to explain how they share and protect their customer’s confidential information.<\/span><\/p>\n There are three requirements to meet the GLBA guidelines:<\/span><\/p>\n GLBA requires financial institutions to provide clients with written privacy notices that explain their internal information-sharing practices.<\/span><\/p>\n Secure Service Providers comprise any company who stores, transmits or has access to protected data on behalf of the covered entity. Unfortunately, many Secure Service Providers take this requirement loosely, and some won\u2019t even acknowledge they are a Secure Service Provider. However, it is obvious to discern: if they can see it, store it, or transmit it, then they are a Secure Service Provider. This mandate even extends to their business partners or vendors.<\/span><\/p>\n An excellent example of this is a call center collections company. The information they must collect includes name, phone number, address, and amount owed. That is four forms of protected data. If the company uses a third party for hosting services and backups, then the third party is considered a Secure Service Provider. Therefore, you need to verify they are GLBA compliant as well as their business partners. Secure Service Providers include anyone who stores, transmits, or has access to your data at each layer.<\/span><\/p>\n Do you need a GLBA risk assessment performed? As part of our Managed Security Services, INSI has partnered with Cybriant, which conducts the GLBA risk assessments and works with INSI engineers addresses the vulnerabilities. It is a complete turnkey GLBA solution.<\/span><\/p>\n <\/span><\/p>\n <\/strong><\/p>\n Deborah Frazier<\/a>\u00a0is the author of\u00a0IT Outsourcing Secrets \u2013 A Small Business Guide to Compare IT Support Companies.<\/em><\/strong> With nearly 20 years of experience consulting small and medium-sized businesses on their IT support needs, she brings a wealth of knowledge to INSI as Head of Marketing and Sales. If you like this article and want to be notified when a new article is posted, click here<\/a>.<\/p>\nGLBA Requirements<\/h2>\n
\n
Secure Service Providers Risk Assessment<\/h2>\n
GLBA best risk assessment in your future? Call INSI<\/span><\/h2>\n
About the Author<\/strong><\/h3>\n