PA 09-71—SB 873

Banks Committee


SUMMARY: By law, anyone possessing personal information about another person must safeguard it and the computer files and documents that contain it. “Personal information” is information that can be associated with an individual through an identifier like a Social Security number. The law gives each state agency the authority to enforce this provision against its licensees, registrants, or certificate holders. This act gives agencies the authority to enforce the law against holders of charters subject to their supervision, thereby clarifying that the Department of Banking can enforce the provision against banks.

The act also specifies that a financial institution's adoption of safeguards that comply with the federal Gramm-Leach-Bliley Act constitutes compliance with the law on safeguarding personal information.

Finally, the act eliminates a requirement that monetary penalties for violations of laws safeguarding personal information be deposited into the privacy protection guaranty and enforcement account. This account was never established. Instead, enforcing agencies deposit these penalties into the General Fund.

EFFECTIVE DATE: October 1, 2009


Gramm-Leach-Bliley Act

The 1999 federal Gramm-Leach-Bliley Act applies to financial institutions and how they handle nonpublic personal information. It requires federal regulators to establish comprehensive standards for ensuring the security and confidentiality of consumers' personal financial information.

OLR Tracking: SC: VR: PF: TS