The U.S. Federal Trade Commission announced nonbanking financial institutions will be subject to required data breach and security notification rules. Under an FTC-approved amendment to the Safeguards Rule, finance-based businesses, including mortgage brokers, motor vehicle dealers and payday lenders, will be obligated to maintain a "comprehensive security program" and report incidents involving more than 500 individuals within 30 days of discovery.
30 Oct. 2023
FTC to require breach notification from nonbanking financial entities
Related stories
Notes from the IAPP Canada: Kerr's voice echoes as privacy, AI ethics more urgent than ever
A view from DC: FTC tackles trans-Atlantic threats to American liberty
Notes from the Asia-Pacific region: Check-up reveals new prescriptions for compliance
A view from Brussels: The implementation challenges of the EU Data Act
The rise of AI in cybersecurity: Finding the right balance between security and privacy