Contains 0 items
Total: $0.00
View Shopping Cart

Federal Reserve Board Regulation P – Privacy of Consumer Financial Information – Overview & Summary of Requirements

By: Staff Editor
Date: November 11, 2011

The US Federal Reserve Board’s Regulation P or Privacy of Consumer Financial Information (12 CFR 216) regulates the use of nonpublic personal information about consumers by financial institutions.

What is nonpublic personal information?

Nonpublic personal information means:

Personally identifiable financial information; and
Any list, description, or other grouping of consumers (and publicly available information pertaining to them) that is derived using any personally identifiable financial information that is not publicly available.

Applicability

Regulation P covers those financial institutions for which the Federal Reserve Board has primary supervisory authority. Therefore any financial institution that provides financial products or services to consumers must comply with Regulation P requirements.

A financial institution is one which is involved in the following authorized activities:

Lending, exchanging, transferring, investing for others, or safeguarding money or securities;
Insuring, guaranteeing, or indemnifying against loss, harm, damage, illness, disability, or death, or providing and issuing annuities, either as principal, agent, or broker; and
Providing financial advice, underwriting, dealing in, or making a market in securities.

Customers vs. Consumers

According to Regulation P, all customers are consumers but the reverse doesn’t apply.

Consumer: A consumer is an individual who obtains a financial product or service from a financial institution that is primarily for personal, family or household purposes.

Customer: A customer, as stated above, is a type of consumer – one who has an ongoing relationship with a financial institution, under which the institution provides a financial product or service.

The rule differentiates a financial institution’s responsibilities to customers and consumers. An institution that is governed by Regulation P:

Must give all its customers initial privacy notices
Must give initial notices (or short form notices) to consumers who are not its customers only if it intends to disclose nonpublic personal information about those consumers to nonaffiliated third parties
Must give annual privacy notices to its customers as long as they remain its customers
Is never required to send annual notices to consumers who are not its customers.

What is a customer relationship?

A consumer becomes an institution’s customer if a consumer does any of the following:

Opens a credit card account with the institution
Executes the contract to open a deposit account with the institutions, obtains credit from it, or purchases insurance from it;
Agrees to obtain financial, economic, or investment advisory services from the institution for a fee; or
Becomes an institution’s client for the purpose of receiving credit counseling or tax preparation services.

For existing customers, a financial institution need only provide a new privacy notice if the customer buys any new financial product or service that is not covered in the initial notice.

Types of Privacy Notices

Two types of privacy notices are covered by Regulation P:

Type

Regulatory Requirements

Initial Privacy Notice

A clear, conspicuous initial privacy notice listing all of a financial institution’s privacy policies and practices must be provided to:

Customer: Notice must be sent the moment an institution establishes the customer relationship with an individual
Consumer: Notice must be sent before disclosing any nonpublic personal information to any nonaffiliated third party

An initial privacy notice need not be sent to a consumer if:

The institution is not going to disclose a consumer’s nonpublic personal information
The consumer is not a customer of the institution

Annual Privacy Notice

Financial institutions must provide an annual privacy notice at least once in any 12 month period during the course of the relationship

Information to be included in privacy notices

All privacy notices – whether the initial or annual or revised notices must include the following information:

Categories of nonpublic personal information that is collected by an institution
Categories of nonpublic personal information that is disclosed by an institution
The categories of affiliates and nonaffiliated third parties to the information is disclosed
The categories of nonpublic personal information about former customers that that is disclosed and the categories of affiliates and nonaffiliated third parties to whom this is disclosed
An explanation of the consumer’s right to opt out of disclosure
Disclosures that are made under the Fair Credit Reporting Act
Policies and practices to protect the confidentiality and security of nonpublic personal information

Limits on sharing account number information for marketing purposes

Financial institutions are prohibited from disclosing directly or through an affiliate, a consumer’s account number/ access number/ access code to his or her credit card account, deposit account or transaction account to any non-affiliated third party for any kind of marketing purpose.

Additional Resources

Read the Federal Reserve Board’s Regulation P – Privacy of Consumer Financial Information in full

Compliance Trainings

Pregnancy in the Workplace: Strategies to Protect Your Organization from Pregnancy Discrimination Claims
By - Christopher W. Olmsted
On Demand Access Anytime

How to Vet an IRB: Expose and Fix Problems Before They Threaten Your Trial
By - Madhavi Diwanji
On Demand Access Anytime

DMR & DHR - What Is Really Required
By - Daniel O Leary
On Demand Access Anytime

View all Trainings

Compliance Standards

Checklist for applying IEC 62304:2015 ''Medical Device Software - Software Life Cycle Processes''
Price: $330Add to Cart

A Software Engineering Kit – Composed of Templates for Key Software Engineering Process Plans
Price: $660Add to Cart

ISO/IEC 20000-1:2011 “Information Technology – Service Management –Part 1: Service Management System Requirements”
Price: $330Add to Cart

Software Quality Kit
Price: $748Add to Cart

More Standards »

Best Sellers

Webinars
Seminars
Standards

Pharmaceutical Compressed Air - Quality GMP Standards and Requirements
By: Roger Cowan
Price: $249
Add to Cart
How to Conduct a HIPAA Risk Assessment
By: Brian Tuttle
Price: $249
Add to Cart
Building a Vendor Qualification Program for FDA Regulated Industries
By: Jonathan M Lewis
Price: $249
Add to Cart
FDA Regulations for Marketing OTC Drugs in the U.S.
By: Norma Skolnik
Price: $299
Add to Cart
Effective Annual U.S. FDA CGMP Training
By: John E Lincoln
Price: $249
Add to Cart
CDISC Mapping 1: Specifications and FDA Requirements
By: Sunil Gupta
Price: $299
Add to Cart
Extractables and Leachables in Early Phase Development
By: Wayland Rushing
Price: $279
Add to Cart
Advanced Tax Return Analysis for the Banker
By: David L Osburn
Price: $249
Add to Cart
1099 & W-9 Update - Complying with IRS Information Reporting Guidelines
By: Miles Hutchinson
Price: $249
Add to Cart
OSHA Recordkeeping for 2015: Beyond the OSHA 300 Summary
By: David A. Casavant
Price: $149
Add to Cart
Form I-9 and E-Verify, getting and staying compliant
By: Cathleen Hampton
Price: $149
Add to Cart
Affordable Care Act Updates: What Employers need to do to Prepare
By: Vanessa G Nelson
Price: $149
Add to Cart
Child Support: What Payroll Doesn't Know Can Hurt You
By: Vicki M. Lambert
Price: $229
Add to Cart
Detecting and Preventing Embezzlement in Your Organization
By: Peter Goldmann
Price: $249
Add to Cart
What Employers Need to Know About Severance Agreements
By: Janette Levey Frisch
Price: $229
Add to Cart

REACH and RoHS Compliance: Protecting Revenues with Advanced Compliance: 2-Day In-Person ...

San Francisco, CA | Aug 6-7, 2020
Add to Cart
Preparing for FDA's New Import/Export Trauma in 2020: 2-Day In-Person Seminar by Ex-FDA Official

Virtual Seminar | Jul 16-17, 2020
Add to Cart
Managing Domestic and Foreign FDA Inspections and the COVID-19 Impact: 2-Day In-Person Seminar...

Virtual Seminar | Jun 18-19, 2020
Add to Cart
Transforming Corporate Spending Processes: T&E and AP Best Practices and Digitization: 2-Day Virtual...

Los Angeles, CA | Aug 20-21, 2020
Add to Cart
Quality Control Laboratory Compliance - cGMPs and GLPs: One and a Half Day Virtual Seminar

Virtual Seminar | Jul 16-17, 2020
Add to Cart
FDA Recalls - Before You Start, and After You Finish : Virtual Seminar Seminar by Ex-FDA Official

Virtual Seminar | Jun 25-26, 2020
Add to Cart
Case Management Boot Camp: Strategies for Success in the Acute Care Setting and Beyond!...

Virtual Seminar | Jun 10, 2020
Add to Cart
Reduce costs for compliance with data integrity: 21 CFR Part 11, SaaS/Cloud, EU GDPR: 2-Day...

Virtual Seminar | Jun 3-4, 2020
Add to Cart
Validation, Verification and Transfer of Analytical Methods (Understanding and implementing...

Virtual Seminar | Jul 6-7, 2020
Add to Cart
Ensuring Compliance with Advertising and Promotional Requirements for Drugs and...

San Francisco, CA | Oct 22-23, 2020
Add to Cart
Data Integrity: FDA/EU Requirements and Implementation: 2-Day Workshop

Virtual Seminar | Jul 9-10, 2020
Add to Cart
21 CFR Part 11 Compliance for SaaS/Cloud Applications: 2-Day Virtual Seminar

Virtual Seminar | Jun 3-4, 2020
Add to Cart
Supplier and Contract Manufacturer Management: 2-Day Virtual Seminar

Virtual Seminar | June 3-4, 2020
Add to Cart
Project Management for Human Resources: 3-Day Certification Program

Miami, FL | Jul 29-31, 2020
Add to Cart
Biostatistics for the Non-Statistician: One-Day Virtual Seminar

Virtual Seminar | Jun 17, 2020
Add to Cart

General requirements for the competence of testing and calibration laboratories
Provider: ANSI
Price: $142
Add to Cart
IEC 62304:2015 ''Medical Device Software - Software Life Cycle Processes''
Provider: SEPT
Price: $299
Add to Cart
IEC 62304:2015 ''Medical Device Software - Software Life Cycle Processes''
Provider: SEPT
Price: $149
Add to Cart
ISO 45001:2018 Gap Analysis Checklist
Provider: 45001 Store
Price: $39
Add to Cart
Measurement management systems - Requirements for measurement processes and measuring equipment
Provider: ANSI
Price: $120
Add to Cart
Geometrical Product Specifications (GPS) - Geometrical tolerancing - Tolerances of form, orientation...
Provider: ANSI
Price: $250
Add to Cart
Templates and Plans for Software Configuration Management Documents-Version 6.0
Provider: SEPT
Price: $299
Add to Cart
Computer System Validation Master Plan
Provider: LabCompliance
Price: $90
Add to Cart
Zero Acceptance Number Sampling Plan for Receiving, In-Process and Final Inspection
Provider: Quality-Control-Plan
Price: $37
Add to Cart
Standard Operating Procedure: FDA Inspections
Provider: LabCompliance
Price: $49
Add to Cart
AS9003 Comprehensive Quality System Kit for Inspection and Test Quality Control System
Provider: At-PQC
Price: $397
Add to Cart
ISO 45001:2018 Internal Audit Checklist, Procedure, and Forms
Provider: 45001 Store
Price: $75
Add to Cart
Template for a Software Maintenance Plan - Fourth Edition
Provider: SEPT
Price: $99
Add to Cart
Sarbanes Oxley Treasury Risks and Controls
Provider: Audit Net
Price: $50
Add to Cart
ISO 45001:2018 Flowcharts in MS Visio, SmartDraw, and PDF
Provider: 45001 Store
Price: $75
Add to Cart

You Recently Viewed

By using this site you agree to our use of cookies. Please refer to our privacy policy for more information. Close

Federal Reserve Board Regulation P – Privacy of Consumer Financial Information – Overview & Summary of Requirements

Compliance Trainings

Compliance Standards