FDIC Proposed Reg. on Financial Privacy
From the August 12 Federal Register:
Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice: Among other things, the Security Guidelines direct financial institutions to: (1) Identify reasonably foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer information or customer information systems; (2) assess the likelihood and potential damage of these threats, taking into consideration the sensitivity of customer information; and (3) assess the sufficiency of policies, procedures, customer information systems, and other arrangements in place to control risks.
Section 501(b) of the Gramm-Leach-Bliley Act (GLBA) required the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision to establish financial institution standards for protecting the security and confidentiality of financial institution customers’ non-public personal information.
See also Financial Privacy: The Gramm-Leach Bliley Act, from the FTC.