FAIL (the browser should render some flash content, not this).

ONLINE LEGAL RESOURCES

PROTECTION OF CONSUMER FINANCIAL INFORMATION

 Print this article

Litigation Avoidance - December 18th, 2008

Businesses which regularly collect and store financial information of customers need to be aware of applicable federal and state regulations which govern the handling of this information.  Consulation with an attorney is advisable as failure to follow applicable federal and state laws could subject your business to liability for unauthorized disclosures. 

Businesses defined as a"financial institution" or "creditor" under the Fair Credit Reporting Act (FCRA), or as amended by the Fair and Accurate Credit Transactions Act of 2003 (FACTA), must adopt and implement a written identity theft program to detect, prevent and mitigate identify theft.  Failure to comply with applicable federal and state regulations regarding the collection and transmission of consumer financial information may subject your business to civil liability in the amount of actual, statutory, and punitive damages.  In addition to liability under applicable federal and state statutes, businesses may be liable to the victim of identity theft for negligence if the business failed to follow "commercially reasonable procedures."

To minimize the potential for liability, buinesses should develop a written plan to protect consumer financial information.  Also, businesses should take advantage of technology and software to protect against unauthorized disclosures.  Businesses should develop policies and procedures for the proper destruction of documentation and media containing sensitive consumer financial information.  In addition, businesses should instruct employees on the proper procedures for protecting consumer financial information.  

The disclosure of a consumer's personal financial information is primarily governed by the Gramm-Leach Bliley Act (GLBA).   In general, a financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless -

  1. such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party;
  2. the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party; and
  3. the consumer is given an explanation of how the consumer can exercise that nondisclosure option.

Under GLBA, the disclosure of a consumer's personal financial information may be permissible in the following situations:

  1. where the disclosure is necessary to effect, administer or enforce a transaction;
  2. with the consumer's consent;
  3. to protect the confidentiality or security of a financial institution's records pertaining to the consumer, service, product or transaction;
  4. to protect against or prevent actual or potential fraud, unauthorized transactions, claims or other liability;
  5. to certain agencies and persons assessing a financial institution's compliance with industry standards, including attorneys, accountants and auditors;
  6. to a consumer reporting agency in accordance with the FCRA;
  7. to individuals and businesses with a legal interest relating to the consumer;
  8. in connection with a proposed or actual sale, merger or acquisition; and
  9. to comply with laws and legal process. 

If an unathorized disclosure is discovered, businesses should immediately contact an attorney to conduct a thorough review of the situation.  The business may be obligated to notify consumers of the unauthorized disclosure.  An attorney can assist the business with minimizing the potential fallout from any unauthorized disclosure which is an event that should be taken seriously. 

The information contained in this article is not intended as legal advice and should not be taken as such.  Rather, the information is provided to alert the reader to issues to be discussed with an attorney.  For additional information, the reader should read the Legal Notices and Disclaimers page on this website. 

MORE LEGAL RESOURCES

SEARCH RESOURCES

RESOURCES BY CATEGORY

  • Litigation Avoidance
    Avoidance of legal violations that may lead to litigation Articles..