Gramm-Leach-Bliley Act

Also known as the Financial Services Modernization Act of 1999, the act is a US federal law to control the ways that financial institutions deal with the private information of their customers such as their names, addresses, and phone numbers; bank and credit card account numbers; income and credit histories; and Social Security numbers. It requires financial institutions to ensure the security and confidentiality of this type of information.

Who must be GLB compliant?

The rules apply to all businesses, regardless of size, that are “significantly engaged” in providing financial products or services. Other than obvious financial institutions, this includes, for example, check-cashing businesses, payday lenders, insurance companies, mortgage brokers, non-bank lenders, personal property, or real estate appraisers, professional tax preparers and courier services. The rules also apply to companies like credit reporting agencies and ATM operators that receive information about the customers of other financial institutions.

What are the GLB Data Destruction requirements?

According to the United States FTC’s Safeguards Rule under GLB:

§ 314.3 Standards for safeguarding customer information:

You shall develop, implement, and maintain a comprehensive information security program that is written in one or more readily accessible parts and contains administrative, technical, and physical safeguards that are appropriate to your size and complexity, the nature and scope of your activities, and the sensitivity of any customer information at issue. Such safeguards shall include the elements set forth in § 314.4 and shall be reasonably designed to achieve the objectives of this part, as set forth in paragraph (b) of this section.
— (a) Information security program.
The objectives of section 501(b) of the Act, and of this part, are to: (1) Insure the security and confidentiality of customer information; (2) Protect against any anticipated threats or hazards to the security or integrity of such information; and (3) Protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer.”
— (b) Objectives.
Click on the picture above to download the complete Gramm-Leach-Bliley Act document.

Click on the picture above to download the complete Gramm-Leach-Bliley Act document.

How can e-End keep an organization in compliance?

e-End can ensure your organization that the financial records of your clients and customers that are stored on computers, copiers, printers and other end-of-life electronics that are being taken out of service will be destroyed and cannot be recovered by any means.

In addition to being NAID AAA Certified for sanitizing data on all electronic and non-paper media (including hard drives, flash drives and cell phones), we also adhere to NSA and NIST 800-88R1 guidelines for data destruction to ensure you’ll remain compliant with the GLB rules.

After our services have been completed, you’ll be issued a Certificate of Certified Data Sanitization and Certificate of Recycling for your records.

For organizations with data for destruction that, due to security reasons, cannot leave your facility, we can perform all data destruction services onsite at your office or facility with no disruption.

Contact us today to learn more about how we can keep you compliant with GLB and other regulations.

Computer Recycling Drop Off Location:

Monday – Friday: 9AM-4PM
Saturday - Sunday: Closed

7118 Geoffrey Way Unit E
Frederick, MD 21704
Phone: (240) 529-1010