Question

. Please explain the Gramm-Leach Bliley Act. You must explain the background and history of the Act. 2. Research and discuss a case outside of the book and lecture notes in regard to the Gramm-Leach Bliley Act. 3. How would you define the major parts of the privacy requirements: the Financial Privacy Rule, the Safeguards Rule, and the pretexting provisions? (Write a minimum of 1-paragraph for each). 4. Research and discuss a case outside of the book and lecture notes in regard to HIPPA? 5. Who is protected by HIPPA? Who must comply with HIPPA? 6. What is the relevance of health care plans, providers and clearinghouses?

Answer 1

1) Gramm-Leach Bliley Act

During the time of Great Depression in the year 1933, congress introduced an act called Glass-Steagall Act preventing the merger of banks and other financial institutions. But later in November 1999 Gramm-Leach Bliley Act was executed which removed bans on the merger of Banks, Insurance companies and Securities Company by repealing section of Glass-Steagall Act. GLBA act is also known as Financial Services Modernization Act.

Earlier in 1997, 98 and 99 there were many cases of consumer privacy violation due to which Title V was introduced under GLBA Act by the congress which provided limited privacy protection for fiscal information. This statute was signed by then U.S President Bill Clinton and thus became a law.

3) Major Parts of Privacy Requirements:

• Financial Privacy Rule: As per the Financial Privacy Rule a privacy notice should be provided by the financial institutions to the customers stipulating the information collected from the customer, for what purpose it is shared, where it is shared and how it will be safeguarded against violation.
• Safeguard Rule: As per the Safeguard Rule an information security Program has to be prepared by the financial institutions specifying how consumer’s information will be protected. This rule provides assurance to the customers that their private information is not disclosed to a fraudulent party.
• Pretexting Provisions: The objective of Pretexting Provisions is to protect the customers against pretexting which means the act of getting access of a person’s personal information fraudulently. This provision was required due to increased pretexting activities like ‘phishing’.