The Gramm-Leach-Bliley Act

2 RULES: FINANCIAL PRIVACY RULE, SAFEGUARDS RULE
1 PROVISION: PRETEXTING PROTECTION

Financial Privacy Rule: Governs the collection and disclosure of customers’ personal financial information by financial institutions. It also applies to companies, regardless of whether they are financial institutions, who receive such information.

Safeguards Rule: Requires all financial institutions to design, implement and maintain safeguards to protect customer information.

HIPAA requires every provider who does business electronically to use the same health care transactions, code sets, and identifiers. HIPAA has identified TEN standard transactions for Electronic Data Interchange (EDI).

TITLE 15, Chapter 94, Subsection I: DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION
6801 Protection of nonpublic personal information
6802 Obligations to disclosures of personal information
6803 Disclosure of institution privacy policy
6804 Rulemaking
6805 Enforcement
6806 Relation to other provisions
6807 Relation to State laws
6808 Study of information sharing among affiliates
6809 Definitions

TITLE 15, Chapter 94, Subsection II: FRAUDULENT ACCESS TO FINANCIAL INFORMATION
6821 Privacy protection for customer information
6822 Administrative enforcement
6823 Criminal penalty
6824 Relation to State laws
6825 Agency guidance
6826 Reports
6827 Definitions

Authored by: Jason P. Rusch - CISSP, CISM, CISA | www.infosec-rusch.com | jason@infosec-rusch.com

GLBA Topology
