VLP Partner Melissa Krasnow Authors “The FTC Safeguards Rule: Information Security Program Elements” for CPI TechREG Chronicle (April 2022)
Posted on Apr 29, 2022 in Privacy, News by Melissa Krasnow
VLP Partner Melissa Krasnow authored “The FTC Safeguards Rule: Information Security Program Elements” for CPI TechREG Chronicle (April 2022).
“The FTC Safeguards Rule: Information Security Program Elements” describes the elements of an information security program under the Federal Trade Commission Final Rule regarding Standards for Safeguarding Customer Information (the “FTC Rule”).
While the effective date of the FTC Rule was January 10, 2022, certain information security program elements become effective as of December 9, 2022.
This article also highlights differences between the FTC Rule information security program elements with counterparts under the New York State Department of Financial Services Cybersecurity Requirements for Financial Services Companies.
Financial institutions to which the FTC Rule applies should assess the extent to which their information security programs satisfy the elements of an information security program under the FTC Rule, identify and address any gaps, and document the foregoing. Other institutions to which the FTC Rule does not apply also may choose to assess where their programs, policies, and practices, among other things, stand in light of evolving federal and state law requirements for information security programs.
Click here for the article.
Share