Compliance Need Not Be Complicated or Costly

 

With LibertyID Business Solutions you are simultaneously improving the safeguards surrounding your consumers’ private data and you are also heading toward your compliant posture in relation to federal and state regulations – including the FTC Safeguard Rules.

 

Hero Image

 

While most all states require businesses to develop and implement written information security programs, all financial institutions, regardless of where they are based, are required by federal law to institute similar procedures to safeguard their customers’ personal information.

 

NEW FTC Safeguard Rules

1. Qualified Individual responsible for developing, overseeing, monitoring, and enforcing your business’ information security program.

2. Periodic risk assessments must be used to guide continued updating and enforcement of your information security program.

3. Implement customer information safeguards to control the risks identified in the risk assessments.

4. Continuous monitoring or annual penetration testing and biannual vulnerability assessments.

5. Implement policies and procedures to ensure employees are properly carrying out the information security program.

6. Dealerships must ensure that service providers or third-parties that have access to their customer information maintain safeguards commiserate with a business’ own information security program.

7. Have a written incident response plan in place to lay out the process for responding to any breach that exposures or compromises customer information that our business maintains.

8. The designated Qualified Individual must report in writing, at least annually, to the dealership’s board of directors or equivalent governing body a formally written report about information security controls.

WHAT THE FTC IS SAYING...

“…entities that collect sensitive consumer data have a responsibility to protect it,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “The updates adopted by the Commission to the Safeguards Rule detail common-sense steps that these institutions must implement to protect consumer data from cyberattacks and other threats.”

Icon Grid Image
Step 1

Assign a “Qualified Individual” responsible for developing, overseeing, monitoring, and enforcing your business’ information security program.

Icon Grid Image
Step 2

 

Partner with LibertyID.

Icon Grid Image
Step 3

 

Meet the new FTC enforcement deadline of June 9, 2023.

Compliance Solution

WISP

Create and update the required documentation laying out a written plan for how the firm is protecting clients’ data and sensitive information.

Regulatory Updates

LibertyID keeps up with the data security laws affecting businesses in all 50 States and USA Territories.

Risk Assessments

Easy to use, self-administered assessments.

Policies & Procedures

A suite of enterprise-grade compliance policies and procedures for your organization.

Training & Testing

Modules for annual information security awareness training and testing as required by federal and state regulations.

Vendor Assessment

A very simple vendor-completed solution to enable vendor compliance engagement and to review vendor security posture.

Regulatory Response

LibertyID ensure their members are in notification compliance with state and federal regulations.

Client Notification

Provides customer Identity Fraud Mitigation Services for the business’s clients (past and present) in the event of a data breach.

Beyond the Safeguard Rules

Dark Web Monitoring

Employs sophisticated search, data mining, and data matching technology to detect if your business domain, or any email addresses associated with your business domain have been compromised.

Business Identity Fraud Restorations

A dedicated Business Fraud Manager who is a Certified Financial Crimes Investigator (CFCI) and fraud investigator– will support any fraud event including business ID theft and refund fraud.

Employee and Family Identity Fraud Restoration Concierge Services

Covers all current employees and family members for all areas of identity fraud no matter where it occurs in their life.

Customer Identity Fraud Restoration Services

Covers the business’s customers/clients (past and present) in the event of a data breach of the business with fully managed identity fraud restoration services.