The attached Privacy Rule Handbook was produced by the Federal Deposit Insurance Corporation (FDIC) to help financial institutions comply with the final rule governing the privacy of consumer financial information and implement effective consumer privacy policies.
The Gramm-Leach-Bliley Act of 1999 (GLBA) established new requirements for financial institutions to provide new privacy protections to consumers. Specifically, Title V of GLBA requires a financial institution to issue privacy notices and provide consumers with an opportunity to opt out of certain types of information sharing. The FDIC developed and adopted a final regulation with other financial institution regulators to implement the GLBA privacy provisions. The FDIC's rule, 12 C.F.R. Part 332, was distributed to FDIC-supervised banks with Financial Institution Letter (FIL) 34-2000, dated June 5, 2000.
Although the privacy rule's effective date is November 13, 2000, compliance is not mandatory until July 1, 2001. Mandatory compliance was extended in the final rule to provide banks with sufficient time to develop the necessary notices and procedures to implement the rule. It is imperative that banks use this interim period to develop a privacy compliance strategy to achieve full compliance by July 1, 2001.
This Handbook is designed to help banks prepare for the July 1, 2001, deadline. First, the Handbook explains the basic requirements of the privacy rule. Second, the Handbook provides suggestions for implementing the requirements of the privacy rule to meet the July 1 deadline. Third, the Handbook suggests activities to monitor and maintain compliance over time. Finally, the Handbook describes in greater detail key terminology in the rule and provides other helpful resources.
The Privacy Rule Handbook does not impose any new requirements on banks. Rather, it provides a summary of the rule's requirements and suggestions to help banks develop and implement effective consumer privacy policies and procedures. The Handbook uses the term "bank" to mean those financial institutions that must comply with Part 332.
For more information about the privacy rule, please contact the FDIC regional office responsible for supervising your bank, or call Ken Baebel, Assistant Director in the Division of Compliance and Consumer Affairs, on (202) 942-3086.
Stephen M. Cross
Attachment: Privacy Rule Handbook
Distribution: FDIC-Supervised Banks (Commercial and Savings)
NOTE: Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 801 17th Street, NW, Room 100, Washington, DC 20434 (800-276-6003 or (703) 562-2200).