The following article is the second in a series of three about how fax can help financial organizations meet their legal obligations. This second article covers the Gramm-Leach-Bliley Act (GLB Act or GLBA), a federal law enacted in the United States.
GRAMM-LEACH-BLILEY ACT
The Financial Services Modernization Act, better known as the Gramm-Leach-Bliley Act (GLBA), requires financial institutions to develop, implement, and maintain a comprehensive written information security program that protects the privacy and integrity of customer records. GLBA compliance mandates emphasize the need for each institution to adopt a proactive information security and technology risk management capability. By doing so, your institution can protect information, applications, databases, and the network as part of a comprehensive information security program.
GLBA applies to all banks, credit reporting agencies, security companies, tax preparation companies, real estate settlement service companies, debt collectors, insurance companies and those doing business with said companies.
Protecting customer data relies on more than simple password protection or encrypting the data itself. It should also involve:
- Network security controls
- External or remote security measures
- Security policies and procedures
- Physical security of IT assets
- Physical security of hard copy documentation
- Incident response procedures
- User education and awareness
- Disaster recovery and business continuity plans
How XM Fax® helps achieve GLBA compliance standards
XM Fax® adheres to GLBA by ensuring the existence of security policies and procedures, as well as disaster recovery and business continuity plans. All employees and support staff are trained internally to be fully aware of the necessary procedures.
In addition to offering strict guidelines on network security controls such as firewalls, intrusion detection systems (IDS) and other information security measures, XM Fax® physically protects customer data by making sure that only those who are authorized and have a need to access the data are able to do so.
Aside from incorporating security controls and procedures, XM Fax® performs internal IT audits and periodic ISMS audits to comply with security policies.
The ISO 27001 certification of the XMedius cloud platform provides a system of control that meets GLBA requirements. XMedius has implemented the strict physical, organizational and technical safeguards necessary to protect the confidentiality and integrity of the information being processed.
In short, XM Fax® offers a level of security and protection that very few fax cloud providers can match. Our clients operate across regulated industries and require an enterprise-grade faxing solution to achieve the highest security standards. XM Fax® is that solution.
Consult the first article of this series: How financial institutions can easily comply with the SOX Act
Contact our compliance experts to learn more: firstname.lastname@example.org