The Federal Trade Commission just announced significant changes to the Safeguards Rule. Those changes include more specific criteria about safeguards financial institutions – including dealers – must implement as part of their information security program to include limiting who can access consumer data and using encryption to secure the data. Dealers will also have to explain their information sharing practices, specifically the administrative, technical, and physical safeguards used to access, collect, distribute, process, protect, store, use, transmit, dispose of, or otherwise handle customers’ secure information. And, dealers will be required to designate a single qualified individual to oversee their information security program and report periodically to an organization’s board of directors, or a senior officer in charge of information security.
To see the text of the rule, go to: https://bit.ly/3Gvee5B