amr/hermes-brain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
94f1871177dfbad0b44bcf13adb7f680fad1830a
hermes-brain/ideas/compliance/glba.org
Hermes 94f1871177 gbrain: sync converted org-mode brain files
2026-05-24 03:00:35 +00:00

934 B
Raw Blame History

GLBA (Gramm-Leach-Bliley Act)

US federal law governing financial institutions' handling of nonpublic personal information (NPI). Requires privacy notices, opt-out rights, and a Safeguards Rule requiring an information security program.

Who must comply: Banks, credit unions, insurance companies, securities firms, financial advisers. ~20,000 institutions.

Penalties: FTC-enforced. Civil penalties up to $100K per violation; officers and directors personally liable.

Why it matters: The Safeguards Rule maps directly to gate stack access controls. Every NPI access is gated; the proof log is the security program's evidence. First-mover advantage is narrow (GLBA is well-understood) but the market is large because every financial institution that dodges HIPAA still faces GLBA.

Reference in New Issue View Git Blame Copy Permalink