The FTC Safeguards Rule that was extended last year will go into effect on June 9, 2023.
The provisions of the updated rule specifically affected by the six-month extension include requirements that covered financial institutions:
- designate a qualified individual to oversee their information security program,
- develop a written risk assessment,
- limit and monitor who can access sensitive customer information,
- encrypt all sensitive information,
- train security personnel,
- develop an incident response plan,
- periodically assess the security practices of service providers, and
- implement multi-factor authentication or another method with equivalent protection for any individual accessing customer information.
For more information on the FTC Safeguards Rule, click here.