Data Security Feed Link

Data Security

With identity theft a widespread issue in the financial services industry, banks and ARM companies are under increased pressure to ensure consumers’ sensitive identification, contact, and financial information is kept safe. In fact, a number of recent state and federal laws and regulations codify certain requirements for handling financial data.

Firms in the ARM industry must adhere to a host of standards, including the Payment Card Industry Data Security Standard (PCI DSS), the financial privacy and safeguards rules in the Gramm–Leach–Bliley Act (GLBA), the FTC’s Red Flags Rule for identity theft, information security standard ISO 27002, HIPAA and the HITECH Act for the healthcare sector, and the Federal Information Security Management Act of 2002 (FISMA) for those collecting on government contracts. Auditing standard SAS 70 is also required for many in the financial services industry that use outside vendors such as debt collection agencies.

cyber-security

FTC’s Settlement with Two Debt Portfolio Brokers a Continuation of a Trend in ARM Industry

The FTC Monday announced that it has reached final settlements with two debt portfolio brokers for disclosing too much personal information about debtors in online postings marketing their portfolios for sale. The FTC announced the cases last year, and today’s announcement highlighted new security requirements for the brokers going forward.