In 1999, Congress enacted the Gramm-Leach-Bliley Act (GLBA), which contains rules regarding the privacy of NPI collected by financial institutions. The GLBA defines NPI as:
“Personally identifiable financial information – provided by a consumer to a financial institution, resulting from any transaction with the consumer or any service performed for the consumer; or otherwise obtained by the financial institution.”
The term does not include publicly available information lawfully made available by federal, state, and local governments.
With so much sensitive data shared throughout mortgage processing workflows, it’s no surprise that regulations exist to protect NPI and that compliance with data privacy regulations is a top concern for lending institutions.
Two rules within the GLBA deal with the safeguarding and privacy of NPI.
Beyond the GLBA, mortgage companies and other financial institutions must also comply with regulations from the Consumer Financial Protection Bureau (CFPB) and state privacy laws such as those in California, Vermont, New York, and Arizona.
Learn how organizations throughout the mortgage supply chain should incorporate data protection capabilities into their security strategy to ensure compliance with GLBA, CFPB, CCPA, and other data privacy regulations.Download Now
While compliance is a top concern for mortgage companies and financial institutions, consumers have data privacy concerns of their own as it relates to obtaining a mortgage: ease of use. Traditional solutions (such as secure portals) frustrate end users with separate, redundant applications and workflows, new accounts, and passwords to manage.
A more modern approach to collecting and sharing documents containing NPI could be as straightforward as a simple email exchange of attachments with additional layers of security for advanced privacy protection. With this approach, you can protect NPI everywhere it’s shared throughout the mortgage transaction process to meet the GLBA’s Safeguards Rule requirements for secure storage and transmission of sensitive customer data. Plus, you can enable more efficient client communications with streamlined service models that help differentiate your business from competitors, build client trust, and ultimately drive business growth.
Virtru unlocks seamless, secure NPI sharing workflows throughout the mortgage process to ensure client privacy and compliance with GLBA, CFPB, CCPA, and more. Ease of use helps streamline NPI sharing workflows for seamless customer experiences that enhance engagement.
Protect email and files in Gmail, Google Drive, and Outlook with end-to-end encryption that prevents unauthorized third-party access to NPI shared throughout the mortgage loan process. Disable forwarding, set expiration, and revoke messages. Watermark files to deter leaks, and maintain persistent control wherever files are shared.
View when and where email messages and files containing NPI have been accessed throughout the mortgage lifecycle, and adapt controls as mortgage processing workflows evolve.
To learn more about how Virtru can help secure NPI to maintain privacy and compliance, get in touch with us today.
Contact us to learn more about our partnership opportunities.