The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, requires financial institutions that offer consumers financial products or services to explain their information-sharing practices to their customers and to safeguard sensitive customer data.
Under GLBA, institutions are obliged to protect customer financial information. The GLBA requires companies and organizations to ensure the security of personally identifying information of financial institution customers, such as names, addresses, account and credit information, and Social Security numbers. In addition, the GLBA sets forth extensive privacy rules, which require covered financial institutions to provide customers with privacy statements describing company privacy practices. However, the Federal Trade Commission’s (FTC) regulations implementing the GLBA specifically provide that colleges and universities will be deemed to be in compliance with the privacy provisions of the GLBA if they are in compliance with FERPA.