FTC tweaks Safeguards Rule to address data breaches
By 
Kyle Brasseur2023-10-30T14:28:00
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission (FTC) within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
The update to the rule, announced Friday, applies to cybersecurity incidents where the unencrypted information of at least 500 consumers is acquired without authorization. Covered entities must inform the FTC regarding the types of information accessed, the date range of the event, and the number of individuals affected.
The new requirement is scheduled to take effect 180 days after publication in the Federal Register.
Related articles
-
News BriefAdobe: Penalties possible in FTC subscriptions probe
Software company Adobe disclosed it could face “significant monetary costs or penalties” resulting from an ongoing Federal Trade Commission investigation into its disclosure and subscription cancellation practices.
-
News BriefSEC risk alert flags branch office cybersecurity controls
The protection of customer personal data by branch offices of broker-dealers and investment advisers should be just as robust—and as well-coordinated—as protocols used by the firm’s home office, according to the Securities and Exchange Commission.
-
News Brief
SEC proposes Reg S-P updates on incident response, breach notifications
The Securities and Exchange Commission proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.
More from Regulatory Policy
-
ArticleU.K. updates pension and asset manager rules, but internal auditors flag governance gaps
Will “taking an axe to” red tape and onerous reporting commitments free up trillions invested in U.K. pensions and increase the value of assets managed by regulated financial services firms?
-
News BriefU.S. Labor Department advances sweeping deregulation push targeting worker protections
The U.S. Department of Labor (DOL) appears to be in the process of deregulating work rules. Some of the changes proposed would result in a reduction of pay for certain health workers and allow minors to work hazardous jobs.
-
News BriefAtkins says SEC to embrace innovation, criticizes regulatory uncertainty around tokenization
SEC Chair Paul Atkins pointed to the growth of tokenized shares as a key development reshaping private markets, suggesting the agency is preparing to update its rules to keep pace with new forms of digital asset trading and settlement.