The protection of consumer information is one of the major concerns of the businesses involved in nearly any sector of the economy, particularly financial institutions. The Federal Trade Commission (FTC) Safeguards Rule is a critical requirement for these organizations. It provides specific requirements for certain financial institutions, including a plan for ensuring compliance with the regulation, identified challenges in meeting the rules, and a process to audit for compliance.
When considering security and finance, we typically consider regulations like PCI DSS, SOX, or FINRA. But if you’re a company doing business in Europe, there’s another framework you need to consider–GDPR. This set of regulations not only governs the exchange of consumer data but also has a massive impact on how financial organizations navigate commerce in the EU and across borders.
Here, we’ll cover some basics financial institutions might want to consider when adopting GDPR requirements.
We’ve often focused on security and maintenance from the perspective of technology itself–specifically, how it is deployed and used by individuals in the real world. But, the truth is that assessments of security technologies don’t start when an enterprise deploys them. Rather, in cases of tech like cryptography modules and biometrics, it begins in the lab that creates them. And that’s where the National Voluntary Laboratory Accreditation Program comes in.
This article discusses NVLAP and its vital function in enhancing the credibility of laboratories involved in testing and calibration. This includes using third-party assessment and rigorous standards to govern how labs protect and assure the products they produce.