Exterro's Legal GRC Breakdown

Get your daily dose of news, best practices, and technology from Exterro's e-discovery, privacy, and digital forensics experts here.


Data Retention Critical to New FTC Regulations

Created on August 3, 2020

Demand Generation Manager, Exterro

Overview: The Federal Trade Commission is proposing new cybersecurity requirements to its Gramm-Leach-Bliley Act (GLBA) safeguard rules. A central tenet of New York State Department of Financial Services policies, as well as current FTC guidance on reasonable security, is data retention.

Why is This News Important: Under the proposed rule, financial institutions would need to designate someone within the company as responsible for overseeing the institution’s information security program. Financial institutions would also be required to periodically perform additional risk assessments, regularly test and monitor the effectiveness of its program, and have encryption and multifactor authentication data controls, among a host of other requirements. Data retention is a current guidance from FTC and NY DFS so is predicted to have a stronger presence with these new regulations.

Who This Applies To: Financial Institutions

How Exterro’s Software Helps Tackle These New Regulations: Manually performing data minimization/retention processes can be labor-intensive, especially for smaller financial institutions. But with a combination of structured processes and technology, risks and costs can both be reduced. The world's most trusted and defensible data retention and disposal software solution for meeting FTC and regulatory obligations is Exterro’s Data Retention platform.

View the full story on Law.com.