GLB-Privacy Laws Flashcards

1
Q

Why was the Gramm-Leach-Bliley Act enacted?

A

The Gramm-Leach-Bliley Act (GLB Act), as implemented by Regulation P, was enacted to protect the privacy of consumer personal information.

2
Q

What institutions does the GLB apply to?

A

It applies to all financial institutions over which the Federal Trade Commission has regulatory authority.

3
Q

What is the purpose of the Gramm-Leach-Bliley Act?

A

It sets standards for developing, implementing and maintaining reasonable administrative, technical and physical safeguards to protect the security, confidentiality and integrity of customer information.

4
Q

What is Nonpublic Personal Information?

A

Nonpublic personal information (NPI) is any personally-identifiable financial information that a financial institution obtains in connection with providing a financial product or service, unless that information is otherwise publicly available.

5
Q

What is Personally-identifiable financial information?

A

Personally-identifiable financial information is information provided to a financial institution by a consumer in connection with a credit transaction, or information secured by the financial institution in connection with such a transaction.

6
Q

What are some examples of NPI?

A

NPI includes information such as name, address, Social Security Number, or other information on a loan application. NPI also includes any information derived from the loan origination process, such as:

  • Account numbers, payment history, loan balances, deposit balances, or credit card purchases
  • A credit report
7
Q

What does NPI not include?

A

NPI does not include information which is publicly available (e.g., government records, information in a telephone directory, information dispensed by the government). If an individual has directed the information to remain private, such as an unlisted telephone number, that information is also NPI.

8
Q

What is the portion of the GLB Act that requires privacy notices?

A

Privacy of Consumer Financial Information Rule

9
Q

What is a privacy notice?

A

A privacy notice is a “clear and conspicuous” written notice describing a financial institution’s privacy policies and practices.

10
Q

What is a consumer?

A

A consumer is an individual who has obtained an isolated financial product or service from a financial institution for personal, family, or household reasons, but does not have an ongoing relationship with the institution (e.g., arranged for a wire transfer, cashed a check, etc.).

11
Q

What is a customer?

A

A customer is a consumer with whom the institution has a continuing relationship.

12
Q

What must consumers receive per GLB?

A

All consumers must receive a privacy notice if the institution intends to share the consumer’s NPI with non-affiliated third parties; if the institution does not intend to share this information with non-affiliated entities, a privacy notice to consumers is not required.

13
Q

What must customers receive per GLB?

A

All customers must be provided with a privacy notice that clearly discloses the institution’s practices for sharing NPI with affiliates and with third parties and specifies what information will be shared and with whom; this notice is due at the time a customer relationship is established.

14
Q

What must customers and consumers receive when it comes to opting out per GLB?

A

A financial institution must provide consumers and customers with an opportunity to “opt out” of information sharing with non-affiliates (i.e., direct the institution to refrain from sharing NPI) and instruction on how to do so. A company’s policy should include a convenient method to opt out and a reasonable time to opt out before information is shared.

15
Q

What must customers receive annually per GLB?

A

In addition to the initial notice, customers must receive an annual privacy notice as long as they are customers; the GLB Act provides that this may be delivered electronically via a webpage, provided that the institution complies with all requirements and restrictions for doing so.

16
Q

How must privacy notices be delivered?

A

Privacy notices must be delivered in writing by mail, in person, or by posting on the institution’s website, unless the consumer consents to electronic delivery; posting a privacy notice at an office does not satisfy the delivery requirements.

17
Q

What must a privacy notice include?

A
  • Categories of NPI collected and disclosed
  • Categories of affiliates and non-affiliated third parties to which the information is disclosed
  • Categories of information about former customers disclosed and to whom under the joint marketing/service provider exception (with the customer’s permission)
  • If NPI is disclosed to non-affiliated third parties, the categories of information disclosed and the categories of third parties to which such information is disclosed
  • An explanation of the consumer’s right to opt out of the disclosure of NPI to non-affiliated third parties
  • Disclosures required by the Fair Credit Reporting Act
  • The policies and practices used to protect the confidentiality and security of NPI
18
Q

What is the Safeguards Rule?

A

The Safeguards Rule puts in place the document security requirements relating to NPI.

19
Q

What must financial institutions do under the Safeguards Rule?

A
  • Designate one or more employees to oversee the information security program
  • Identify and assess the risks to customer information in each relevant area of the company’s operation and evaluate the effectiveness of the current safeguards for controlling these risks
  • Design and implement a safeguard program and regularly monitor and test it
  • Select appropriate service providers and require them to safeguard consumers’ personal information
  • Evaluate and regularly update the program based on changing factors, including changes in the firm’s business arrangements or operations or as a result of its monitoring of the program
20
Q

What does the Do-Not-Call Implementation Act authorize?

A

The Do-Not-Call Implementation Act authorized the creation of the Do-Not-Call Registry and establishment of do-not-call restrictions under the Telemarketing Sales Rule.

21
Q

What can consumers do when they don’t want to receive calls?

A

A consumer who does not want to receive phone calls from telemarketers may submit his or her number to the national registry. A phone number remains on the Registry until it is removed or its service is discontinued.

22
Q

The Rule covers telemarketers and third-party sellers. Exemptions from the requirements of the Rule include the following:

A
  • Political calls, such as those from or on behalf of candidates running for political office
  • Charities calling on their own behalf to solicit charitable contributions
  • Calls to persons with whom a seller or telemarketer has an established business relationship
  • Calls to persons who have provided prior written consent for receipt of telemarketing calls
    1. “Prior written consent” may include providing an electronic signature on the website of a seller or telemarketer
23
Q

How often are companies required to update their call lists?

A

Companies are required to update their call lists by reviewing the Registry at least once every 31 days.

24
Q

If a consumer requests that his or her number be placed on a company-specific list, how long does the company have to do so?

A

If a consumer requests that his or her number be placed on a company-specific list, the company has 30 days in which to do so.

25
Q

How much may a company that violates the Telemarketing Sales Rule be fined?

A

A company that violates the Telemarketing Sales Rule may be fined up to $43,792 per violation, and each phone call is treated as a separate violation.

26
Q

It is prohibited for a telemarketer to make solicitation calls outside of what hours?

A

Outside the hours of 8:00 a.m. and 9:00 p.m.

27
Q

What is an established business relationship?

A

An established business relationship is a relationship between a company and a consumer in which the consumer:

  • Purchased, rented, or leased goods and/or services from the seller or participated in a financial transaction with the seller within the 18 months preceding a telemarketing call, or
  • Made an inquiry into the business of the seller within three months preceding a telemarketing call

A company may contact someone on the Registry if it has an established business relationship with the consumer.

28
Q

What calls are exempt from the Telemarketing Sales Rule?

A

Purely informational pre-recorded calls (e.g., a call from an airline, an appointment reminder) are exempt from the Rule. However, if any solicitation is part of the message, such a call would be prohibited unless the consumer has provided permission in advance.