Gramm Leach Bliley (GLB) Act Compliance

    The GLB Act of 1999 and the Safeguards Rule of 2002 require all financial service providers to protect their customer’s financial privacy and is enforced by the US Federal Trade Commission (FTC).

    Encyro Inc helps financial service providers to comply with GLBA requirements. Encyro Inc is not itself a financial service provider.

    Am I required to comply?

    The rule applies to any business entity significantly engaged in financial activities. FTC provides examples of included financial activities, though other financial activities may also be covered. FTC’s examples include

    • lenders (including non-bank lenders),
    • check cashers,
    • wire transfer services,
    • sellers of money orders
    • credit counselors,
    • financial planners,
    • tax preparers
    • accountants
    • investment advisors
    • insurance agents
    • loan brokers
    • loan servicing firms
    • debt collection firms
    • real estate settlement service providers
    • career counselors (serving individuals seeking employment in the financial services industry)

    How does Encyro help me comply?

    To comply with the GLB Act and the Safeguards Rule (16 C.F.R. Part 314, 67 Fed. Reg. 36484, 2002),you must protect nonpublic personal information (NPI). NPI is any personally identifiable financial information that you collect or receive and is not otherwise public.

    Encyro helps you comply with the requirements to:

    1. encrypt data when sent over the network,
    2. use encrypted files to store customer data,
    3. make it automatic for customers to send encrypted (through the use of your Encyro upload page)
    4. enforce strong passwords (see compliance settings)
    5. automatically log you out after a period of inactivity (see compliance settings), and
    6. maintain logs of activity (through the Audit Trails feature)

    Related articles

    • IRS Publication 4557 provides seven checklists for tax preparers to help protect tax clients' tax data. The safeguards also protect your business from a da...

    • Encyro helps you comply with FINRA cyber-security requirements is the following ways: Encyro maintains the confidentiality and integrity of data as require...

    • PCI-DSS requires safeguarding credit card data that you receive. Email is not a secure way to ask a customer to provide their credit card information to se...

    • The SEC Regulation  Title 17: Chapter II, Part 248, Subpart A: §248.30 requires every broker, dealer, and investment company, and every investment adviser ...

    • Can I use Encyro for HIPAA compliance? Can I store and send patient information using Encyro? Encyro complies with Health Insurance Portability and Account...

    • My compliance standard requires me to review audit trails or activity logs. Where can I find my Encyro account activity logs? What will see in my audit tra...

    • Can I use Encyro to store data subject to Defense Federal Acquisition Regulation Supplement (DFARS) compliance, or data security regulations subject to def...

    • Who can access my content? Can Encyro view my data? Is it different from Protonmail and other encrypted email services that claim they cannot access my dat...