Gramm-Leach-Bliley Primer on Privacy

For purposes of privacy, an example of a "consumer" is a person who _______

Comes to your financial institution for products or services

T/F: An employee who works in a shared capacity between a financial institution and a non-affiliated third party may freely share information between either entity without regard to any specific privacy policies.

False

T/F: Under the Privacy Rule, your financial institutions obligation to maintain confidentiality only extends to customers. There is no need to protect the privacy of consumers.

False

Broadly defined, non-public personal information is ___________.

Personally identifiable financial information

Which of the following is NOT an example of "personally identifiable financial information?"

??

T/F: Under the Privacy Rule, every consumer must be given a Privacy Notice.

False

Which is NOT an example of non-public personal information?

Information about a customer that is retrieved from a public record.

T/F: If a financial institution does NOT share non-public personal information with non-affiliated third parties, it need not provide the Opt-Out Notice under the GLB Privacy Rule.

True

T/F: If a financial institution does not share information from loan applications, it is not required to provide Privacy Notices to loan applicants.

True

T/F: John, a customer of First Bank, performs his banking online and has elected to receive bank notices electronically. First Bank may, therefore, provide his Privacy Notice online.

True

T/F: A customer may prevent your financial institution from sharing certain information with affiliates by opting out in accordance with the Fair Credit Reporting Act.

True

T/F: A major purpose of GLB is to help protect people against the unwanted sharing of personal information with other companies.

True

A financial institution must provide an Initial Privacy Notice to every ___________.

Customer

If a financial institution does not share information for a particular type of isolated transaction, it must provide __________.

??

Which of the following is considered a non-affiliated third party?

Another local financial institution with no ownership in common with the financial institution

Which of the following must be included in a financial institution's information security program?

Ensuring the security and confidentiality of customer records, protecting against threats or hazards to data security, and protecting against unauthorized access to or use of records.

T/F: A customer's non-public personal information may be shared under certain circumstances considered "exceptions".

True

A customer requests that his or her information is never shared under any circumstances. You should ________.

Explain there are exceptions to the Privacy Rule that allow sharing in certain situations.

T/F: Under the GLB Privacy Rule, a financial institution may share non-public personal information with its affiliates.

True

A(n) _________ is a firm owned by your financial institution or a sister firm owned by the same company that owns your financial institution.

Affiliate

Broadly defined, "personally identifiable financial information" is ___________.

Any information, financial or otherwise, that your financial institution has about its customers.

A(n) __________ is any entity that is not owned by your financial institution or by the company that owns your financial institution.

Non-affiliated third party

T/F: Personally identifiable financial information includes information a financial institution may have collected from other companies.

True

T/F: Under one of the exceptions in the Privacy Rule, financial institutions may share a customer's information in order to complete a transaction requested or authorized by a customer.

True