The Federal Trade Commission (FTC) has approved an amendment to the Safeguards Rule that would require nonbanking financial institutions to report a breach of unencrypted customer information involving at least 500 customers. The notice must be provided as soon as possible, and no later than 30 days after discovery. The new requirement becomes effective 180 days after publication of the rule in the Federal Register.
Read the full Alert on the Duane Morris LLP website.