Financial Information Privacy

Financial institutions hold some of the most sensitive information that is subject to various federal and state regulations. Greenberg Traurig’s Data Privacy & Cybersecurity Practice regularly advises financial organizations on the Gramm-Leach-Bliley Act (GLBA), FCRA, and its FACT Act amendments, the Right to Financial Privacy Act, state laws such as the California Privacy Rights Act (CPRA), and federal and state data security and data breach laws. We utilize the vast resources of the firm and partner with attorneys around the globe and across multiple disciplines who are experienced in Banking & Financial Services, Blockchain & Digital Assets, Emerging Technology, and Finance. Together, our experience working with established financial institutions, investors, and cutting-edge technology companies helps us guide them in data privacy and protection issues through all stages of growth.

We handle:

• Advising financial institutions on how the applicable data protection laws impact their use, transfer, and sharing of personal data with third parties, within the organization and across borders;
• Conducting data protection impact assessments on proposed products or services to evaluate whether the service is developed consistent with privacy-by-design and security-by-design principles;
• Developing data protection programs compliant with the data privacy and security laws applicable to financial institutions’ operations, including AML/KYC systems and IT/cybersecurity practices;
• Guiding companies on compliance with PCI DSS and PA DSS; and
• Counseling on cybersecurity and data breach preparedness activities, conducting tabletop exercises, and developing or improving the company’s information security policy, incident response plan, and breach notification toolkits.