GLB Act: Gramm-Leach-Bliley Act:

GLB Act: Gramm-Leach-Bliley Act:

The Gramm-Leach-Bliley Act also known as “The Financial Modernization Act of 1999” made  provisions to protect the personal financial information about consumers held by financial institutions.

There are two principal parts relating to document shredding/destruction are the Financial Privacy Rule, Safeguards Rule.

The Financial Privacy Rule: The Financial Privacy Rule requires financial institutions to give their customers privacy notices that explain the financial institution’s information collection and sharing practices. In turn, customers have the right to limit some sharing of their information. Also, financial institutions and other companies that receive personal financial information from a financial institution may be limited in their ability to use that information.

The Privacy Notice

“The privacy notice must be a clear, conspicuous, and accurate statement of the company's privacy practices; it should include what information the company collects about its consumers and customers, with whom it shares the information, and how it protects or safeguards the information. The notice applies to the "nonpublic personal information" the company gathers and discloses about its consumers and customers; in practice, that may be most - or all - of the information a company has about them. For example, nonpublic personal information could be information that a consumer or customer puts on an application; information about the individual from another source, such as a credit bureau; or information about transactions between the individual and the company, such as an account balance. Indeed, even the fact that an individual is a consumer or customer of a particular financial institution is nonpublic person information. But information that the company has reason to believe is lawfully public - such as mortgage loan information in a jurisdiction where that information is publicly recorded - is not restricted by the GLB Act.”

The Safeguards Rule: The Safeguards Rule, enforced by the Federal Trade Commission, requires financial institutions to have a security plan to protect the confidentiality and integrity of personal consumer information.

“Subtitle A of Title V also requires the
Commission and other federal agencies
to establish standards for financial
institutions relating to administrative,
technical, and physical safeguards for
certain information.2 See 15 U.S.C.
6801(b), 6805(b)(2). As described in the
Act, the objectives of these standards are
to: (1) Ensure the security and
confidentiality of customer records and
information; (2) protect against any
anticipated threats or hazards to the
security or integrity of such records; and
(3) protect against unauthorized access
to or use of such records or information
which could result in substantial harm
or inconvenience to any customer.”