Protection of personal information has always been an essential public priority. This is why laws have been actively developed to ensure this privacy. Although many people consider essential information, such as bank balances and account numbers, to be confidential, this data is bought and sold by banks and credit card companies all the time. This essay will discuss several personal data protection acts and compare them.
The Gramm-Leach-Bliley Act (GLBA) is a US law that reshapes the financial services industry by enabling commercial and investment banks, security firms and actuarial companies to merge and address customer privacy concerns. It required the Federal Trade Commission (FTC) and other financial services regulators to implement regulations to address privacy provisions such as the Financial Privacy Rule and GLBA requirements (Walrath, 2017).
It was enacted to protect consumer privacy and covers financial institutions that offer financial products and facilities to customers, such as credit, insurance and investment advice. The Financial Privacy Rule requires institutions to create a Privacy Notice for their customers (Lin & Li, 2017). This document details the institution’s information about customers, to whom the information is shared, how it is used, and how it is protected. The Confidentiality Notice should notify customers that they have the right to refuse to have their information published by the financial institutions. Firms must give their clients the opportunity to opt-out if they do not want their confidential information shared. The FTC is assigned the obligation to monitor compliance with these requirements.
Data privacy must be ensured not only in the financial sector but also in the health sector. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that sets rules about who can see and get one’s health information (Cohen & Mello, 2018). This law provides people with rights in regard to their medical information and governs when this information can be disclosed. It also requires physicians, pharmacists and other health care service providers and insurance plans to communicate the individual’s rights and how their personal health information may be processed or shared.
These two laws, GLBA and HIPAA, have many similarities. The main one, of course, is their focus on the protection of personal data. However, beyond that, there are several other aspects. For example, both laws focus on continuous compliance monitoring and treat compliance as an ongoing process rather than a one-off action (Scholas et al., 2019). In addition, they also require the use of secure service providers (GLBAs) or business partners (HIPAAs) to handle sensitive information on behalf of their respective organizations responsibly. Finally, both laws emphasize ongoing training for employees using these acts to protect information within organizations.
The similarities between HIPAA and GLBA may lead agents and brokers to wonder which law to follow. The truth is that organizations must comply with all rules that apply to businesses. At first glance, this may seem impossible. However, things get a lot easier when one learns about the dubbing of the basic rules of the two acts. HIPAA serves as an excellent basis for GLBA compliance. Understanding the documentation is not easy. Data protection law is complex and extremely thorough. It is worth remembering that if a company does not have a specialist with sufficient expertise to implement the policies in-house, it is best to seek help from an expert. Ignoring these laws will not exempt management from paying the penalty for non-compliance.
References
Cohen, I. G., & Mello, M. M. (2018). HIPAA and protecting health information in the 21st century. JAMA, 320(3), 231–232. Web.
Lin, J., & Li, X. (2017). Regulatory policies on Gramm-Leach-Bliley consolidation of commercial banking, shadow banking, and life insurance. Journal of international financial markets, institutions, and money, 50(1), 69-84. Web.
Scholas, M., Nkunzimana, A., & Ndagijimana, A. (2019). Healthcare data security technology: HIPAA compliance. Wireless communications and mobile computing, 19(1), 1-7. Web.
Walrath, D. (2017). Privacy and information disclosure: An economic analysis of the Gramm-Leach-Bliley Act. The journal of the Trachtenberg School of Public Policy and Public Administration at The George Washington University, 24(1), 1-27. Web.