Gramm-Leach-Bliley Compliance

All customers of financial institutions who maintain a relationship or obtain products or services such as those listed here are protected under GLBA.

GLBA affects a wide range of financial institutions such as banks, thrifts, credit unions and insurance firms as well as any firm engaged in activities including:

  • Mortgage Lending
  • Credit Card Activities
  • Securities Brokerage Activities (Including Dealers and Advisors)
  • Insurance Sales (Underwriters and Agents)
  • Tax Planning and Preparation Services
  • Investment Advice

A wide range of non-public personal information and personally identifiable financial information is subject to the privacy controls of GLBA.

IDrive® answers security concerns in the following manner:

  • The data files are made secure using AES 256-bit encryption when stored on your local BMR device and your cloud account. Data files are also encrypted when transferred to the cloud account.
  • Data access is restricted by password authentication and is date and time-stamped by user
  • Client access is only through authorized personnel with the encryption password, which is known only to the user
  • Detailed reporting gives regulators a clear idea of the chain of custody of the stored information, and rapid access, should it be required

Data will remain housed in the IDrive customer storage areas for as long as the client retains it—specified by client in cloud retention policy. IDrive does not have access to the contents of the data files stored, so it is up to the client to maintain the data in a manner that is compliant with GLBA.

Note: IDrive BMR offers the choice of employing private encryption which is known only to the user and not stored on IDrive BMR servers, in addition to default encryption.