Saltzman Law

What if any steps do I need to take in order to protect my customers’ data if my Maryland business has a financing option for customers to pay their bills?

Under the Gramm-Leach-Bliley Act (GLBA), any business significantly engaged in offering financial services must abide by the “Privacy Rule” and the “Safeguards Rule.” If your business regularly offers a financing option to your clients, notwithstanding your business’s industry, you will probably have to abide by these rules. Under the Privacy Rule, you must provide privacy notices to customers when they begin a business relationship with you. You must also provide updated privacy notices every year thereafter.

The Safeguards Rule requires these same businesses to implement information security programs in order to safeguard customer information. As security threats become more sophisticated, these plans will need to be regularly updated.

Many business owners have questions about whether they are subject to the GLBA. If you need help understanding whether your Maryland business is subject to the GLBA, or would like us to ensure your compliance with the GLBA, contact Saltzman Law.