The Federal Trade Commission has approved an amendment to the Safeguards Rule under the Gramm-Leach-Bliley Act that creates a new data privacy regulatory reporting requirement for non-banking financial entities. Covered entities must notify the FTC within 30 days of discovery of a “notification event” that involves the unauthorized acquisition of unencrypted customer information of 500 or more consumers. The new rule, announced on October 27, takes effect 180 days after publication in the Federal Register, meaning approximately May 2024.
The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation.
RSS Feed
Follow us on Facebook
Follow us on Twitter/X
Follow us on LinkedInSubscribe
Contributors
- Suzie Allen
- John Babione
- Dafina Buçaj
- Jason Cherry
- Maria Efaplomatidis
- Jordan L. Fischer
- Sebastian Fischer
- Laura Funk
- Lauren Godfrey
- Amir Goodarzi
- Taren N. Greenidge
- Julie Hess
- Carolyn C. Ho
- Sean Hoar
- Donna Maddux
- David McMillan
- Amanda Novak
- Ashley L. Orler
- Rebecca Pollack
- Allison Prout
- Todd Rowe
- Sarah Rugnetta
- Melissa J. Sachs
- Allen Sattler
- Alyssa Watzman
- Aubrey Weaver