Gramm-Leach-Bliley Act (GLBA) - Outline and Do-Not-Call

a. Non-public information regarding a customer

-information that a consumer pits on an application -information about the individual from another source, such as a credit bureau -information about transactions between the individual and the company,such as an account balance.

l. Retention of information after a solicitation

2 years

k. do not call request

DO not call provision: Mortgage professional involved in sales must provide truthful and prompt verbal disclosure of: -identity of the caller -fact that purpose of the calls is to sell good and services -nature of goods/services being sold -assurance that no purchase or payment required to participate in any type of promotion -must update list every 31 days -maintain in internal do not call system (place on companies internal do not call list is customer requests list)

b. Permissible use of non-public information regarding a customer

Financial institutions are not required to provide consumers with a privacy notice unless they intend to share information about consumers with non-affiliated third parties.

d. Requirement for written privacy policy disclosures

Financial institutions are required to send annual privacy notices to customers, and these notices must contain the same information that is included in the initial privacy notice, including the right to opt-out and information on exercising the right to opt-out

k. Do-not-call request

If on Do-Not-Call-List -If established business - can call for 18 months -If inquiry - can call for 3 months

c. Purpose of act

Protecting the privacy of consumer information held by financial institutions through the Financial Privacy Rule , Safeguard rule, and pretexting provision.

Permissible hours for telephone calls

Telemarketers can't call you before 8 a.m. or after 9 p.m.

h. Precautions to protect customer information GLBA-Safeguards rule

requires financial instituitions to have a written security plan to protect the confidentiality and integrity of personal consumer information. this security plan must describe the measures that the firm is taking to protect data, and employees should be trained on the requirements of the plan.

e. Acceptable delivery methods for a privacy notice

the delivery notice must be delivered by mail or by hand. for individuals who conduct transactions electronically, financial institutions may post the privacy notice on there website and require consumer or customer to acknowlegde recieving the notice as a nescessary part of obtaing a particular product or service.

g. Written policies for maintaining do-not-call lists

sellers of goods or services are required to search the registry every 31 days and delete from their call lists those phone numbers that are in the registry.

i. Purpose of the National Do-Not-Call Registry

The National Do Not Call Registry is a list of phone numbers from consumers who have indicated their preference to limit the telemarketing calls they receive. The registry is managed by the Federal Trade Commission (FTC), the nation's consumer protection agency.