What You Need to Know
- One of the most important disclosures you are required to provide your client is your firm’s privacy notice.
- If you are collecting personal information for purposes outside of providing financial products or services to your client, you may be subject to global privacy regulations.
- To address your firm’s privacy readiness, create an inventory of the NPPI the firm collects.
The ever-increasing confusing maze of privacy is critically important for advisors, my partner, Trina Glass, told me recently. She began by saying: “Perhaps, and I admit I am a bit biased, but the most important disclosure you are required to provide your client is your firm’s privacy notice.
Advisors are subject to the Gramm-Leach-Bliley-Act (GLBA), specifically Regulation S-P, which requires advisors to implement notice requirements and restricts the advisor’s ability to disclose a consumer’s nonpublic personal information (NPPI).
The privacy notice must provide clients with notice of the firm’s privacy policies and practices. If the advisor intends to disclose NPPI about a consumer to nonaffiliated third parties, the advisor must first provide certain corresponding disclosures to the client, giving them the ability to “opt-out” (i.e., prohibit the advisor from disclosing NPPI).
Does your privacy notice comply with Regulation S-P notice/disclosure requirements?
The last few years there has been the emergence of state and foreign privacy laws. Generally, if you are collecting or using personal information for purposes outside of providing financial products or services to your client or collecting NPPI not covered under the GLBA, then your firm may be subject to the evolving privacy obligations required by certain state and international privacy laws.