The GDPR is New but the GLBA Continues to Endure

January 23, 2020

By: Dori K. Bailey

The General Data Protection Regulation (GDPR) is a privacy law issued by the European Union with far reaching effects, but the Gramm-Leach-Bliley Act (GLBA) continues to provide privacy requirements for financial institutions, including commercial banks, savings banks, credit unions and other businesses that engage in activities that are financial in nature.

The rules implementing the GLBA prohibit a financial institution from disclosing any nonpublic personal information about a consumer to a nonaffiliated third party unless certain notice and opt out requirements are met. Nonpublic personal information includes personally identifiable financial information of a consumer, such as information on a loan application and account balance information. Certain exceptions may also apply.

Our Financial Institutions Regulatory Practice provides comprehensive and customized legal, regulatory and business advice to our financial institution clients. We have the resources and substantial experience to advise our clients through the labyrinth of complex and extensive laws and regulations applicable to financial institutions, including the GDPR and the GLBA. We are committed to assisting every financial institution client with our coordinated and responsive approach to client needs.

If you have any questions regarding this memo, please contact Dori K. Bailey, chair of our Financial Institutions Regulatory practice, for further assistance.