With identity theft a widespread issue in the financial services industry, banks and ARM companies are under increased pressure to ensure consumers’ sensitive identification, contact, and financial information is kept safe. In fact, a number of recent state and federal laws and regulations codify certain requirements for handling financial data. Firms in the ARM industry must adhere to a host of standards, including the Payment Card Industry Data Security Standard (PCI DSS), the financial privacy and safeguards rules in the Gramm–Leach–Bliley Act (GLBA), the FTC’s Red Flags Rule for identity theft, information security standard ISO 27002, HIPAA and the HITECH Act for the healthcare sector, and the Federal Information Security Management Act of 2002 (FISMA) for those collecting on government contracts. Auditing standard SAS 70 is also required for many in the financial services industry that use outside vendors such as debt collection agencies.

See all Topics
 [Image by creator Andy Dean from AdobeStock]

New Hampshire Enacts Comprehensive Consumer Data Privacy Law

13 March 2024

 [Image by creator Alexander from AdobeStock]

New Jersey Enacts Comprehensive Consumer Data Privacy Law

29 January 2024

 [Image by creator Alexander from AdobeStock]

Data Privacy & Security Roundup: New Laws, Regulations and Important Dates in 2024

9 January 2024

 [Image by creator Alexander from AdobeStock]

FTC Amends Safeguards Rule to Require Reporting of Data Breaches

7 November 2023

 [Image by creator Alexander from AdobeStock]

California Takes an Aggressive Approach to Regulating Data Brokers

25 October 2023

 [Image by creator Alexander from AdobeStock]

Delaware Enacts Personal Data Privacy Act

19 September 2023

 [Image by creator Andy Dean from AdobeStock]

Texas Enacts Data Privacy and Security Act with Small Business Exception

5 July 2023

 [Image by creator Alexander from AdobeStock]

A Closer Look at the Gramm-Leach-Bliley Act (GLBA): Updates to the Safeguards Rule

26 June 2023

 [Image by creator Andy Dean from AdobeStock]

Montana Enacts Comprehensive Consumer Data Privacy Law

30 May 2023

 [Image by creator Andy Dean from AdobeStock]

‘Tennessee Information Protection Act’ with NIST Security Standards Enacted

24 May 2023

 [Image by creator Alexander from AdobeStock]

Indiana Enacts Comprehensive Consumer Data Privacy Law

4 May 2023

 [Image by creator Andy Dean from AdobeStock]

Iowa Becomes Sixth State to Enact Comprehensive Consumer Data Privacy Law

12 April 2023

 [Image by creator Alexander from AdobeStock]

Utah Amends Data Breach Notification Law

30 March 2023

Arms of 5 business people holding up different colored large "quote" marks [Image by creator Sergey Nivens from AdobeStock]

CRC Comments on CFPB's Personal Financial Data Rights Proposal

14 February 2023

 [Image by creator Alexander from AdobeStock]

2022 Data Privacy Roundup – New Laws, Rulemaking, and Important Dates

12 January 2023

 [Image by creator Alexander from AdobeStock]

Companies With Lax Data Security Risk Running Afoul of FTC

15 December 2022

 [Image by creator Andy Dean from AdobeStock]

CFPB on Schedule with Consumer Data Privacy Rights Rulemaking Process

8 December 2022

Arms of 5 business people holding up different colored large "quote" marks [Image by creator Sergey Nivens from AdobeStock]

CRC to FTC: Focus on Existing Laws not Creating Overlapping Regs

1 December 2022

Photo of hourglass with sand all in the bottom [Image by creator Zerophoto from AdobeStock]

FTC Extends Deadline for Updated Safeguards Rule by Six Months

23 November 2022

 [Image by creator jivimages from AdobeStock]

Third Circuit: Risk of Future Harm from Data Breach Enough for Article III Standing

1 November 2022