Compliance & Frameworks
Gramm-Leach-Bliley Act (GLBA)
Also known as: GLB Act, Financial Services Modernization Act
Definition
A U.S. federal law requiring financial institutions to protect the security and confidentiality of customer non-public personal information.
Examples
- A regional bank publishing an annual privacy notice describing how it shares customer data with affiliates.
- A mortgage broker implementing MFA and encryption to satisfy the FTC Safeguards Rule.
Related terms
Compliance
The discipline of meeting legal, regulatory, contractual, and internal security requirements through documented controls, evidence collection, and ongoing assessment.
Sarbanes-Oxley Act (SOX)
A U.S. federal law enacted in 2002 that imposes governance, internal-control, and financial-reporting requirements on publicly traded companies to protect investors.
PCI DSS
A global information-security standard for organizations that store, process, or transmit payment card data, maintained by the PCI Security Standards Council.
HIPAA
The U.S. Health Insurance Portability and Accountability Act, which sets national standards for protecting individually identifiable health information.
Multi-Factor Authentication (MFA)
An authentication method that requires two or more independent factors — typically from different categories — before granting access.
Encryption
The cryptographic transformation of plaintext into ciphertext using an algorithm and key so that only authorized parties can recover the original data.