Quick Answer: What Is NPI Under GLBA?

What is nonpublic personal information under GLBA?

The personal information covered by the GLBA is termed “nonpublic personal information,” which means “personally identifiable financial information — provided by a consumer to a financial institution; resulting from any transaction with the consumer or any service performed for the consumer; or otherwise obtained by ….

What information is covered by GLBA?

The financial activities in which these companies engage require them to collect personal information from their customers, including names, addresses, and phone numbers; bank and credit card account numbers; income and credit histories; and Social Security numbers. GLBA compliance is mandatory.

Which of the following are examples of NPI?

Examples of NPI covered by GLBA are: name, address, income, Social Security number, or other information on an application.

What does NPPI mean?

Non-public Personal Information (NPPI) is any data or information considered to be personal in nature and not subject to public availability. Personal information includes, but is not limited to, individual names and Social Security numbers.

What are examples of nonpublic personal information?

For example, nonpublic personal information may include names, addresses, phone numbers, Social Security numbers, income, credit score, and information obtained through Internet collection devices (i.e., cookies).

Who is exempt from GLBA?

Website or mobile app information from consumer access or in providing a financial product, such as cookies or data that consumers use to access accounts, would be exempt, as this personal information falls under the GLBA provisions. Credit reports from a consumer reporting agency would also fall under exemptions.

What is a GLBA risk assessment?

The Gramm-Leach-Bliley Act (GLBA) specifies what financial institutions are required to do to protect the privacy of their customers. Our GLBA Risk Assessment involves: … Listing each technology and vendor service and categorizing these systems based on the data they process or store.

Who enforces the GLBA?

The FTC is one of the federal agencies that enforce provisions of Gramm-Leach-Bliley, and the law covers not only banks but also securities firms, insurance companies, and companies providing many other types of financial products and services.

What is considered NPI?

The Privacy Rule protects a consumer’s “nonpublic personal information” (NPI). NPI is any “personally identifiable financial information” that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise “publicly available.”

What are the 3 sections of the GLBA?

The Act consists of three sections: The Financial Privacy Rule, which regulates the collection and disclosure of private financial information; the Safeguards Rule, which stipulates that financial institutions must implement security programs to protect such information; and the Pretexting provisions, which prohibit …

How do I comply with GLBA?

To be GLBA compliant, financial institutions must communicate to their customers how they share the customers’ sensitive data, inform customers of their right to opt out if they prefer that their personal data not be shared with third parties, and apply specific protections to customers’ private data in accordance with …

Is a loan number sensitive information?

Rule 9037 addresses the Social Security number, date of birth, and loan number. Pursuant to Rule 9037(a), any document filed in a bankruptcy case must limit the disclosure of that PII to the last four digits of the Social Security number, the year of the individual’s birth, and the last four digits of the loan number.