Auto dealerships collect significant personal information about their customers. This can include names, addresses, phone numbers, social security numbers, and credit and financial information. The Gramm-Leach-Bliley Act Safeguards Rule requires car dealers to protect this consumer information from unauthorized access, fraud, or misuse.
Despite the sensitive nature of customer information that auto dealers must collect, many dealers do not have appropriate protections in place to prevent customer data from theft or misuse. If you’re an automotive executive, you know that in many cases dealerships keep customer files poorly secured both physically and digitally. You may not know that failing to effectively protect customer data could lead to substantial fines and penalties from the federal government.
To comply with the GLB Safeguards rule, auto dealers must implement procedures including,
• Develop, implement and maintain a comprehensive written information security plan
• Ensure that affiliates of the dealership maintain appropriate safeguards
• Designate an employee or employees to coordinate the safeguards
• Identify the risks to customer information in each area of the dealership’s operation
• Evaluate the effectiveness of the current safeguards for controlling these risks
• Design and implement a safeguards program, and regularly monitor and test it
• Select appropriate service providers and contract with them to implement safeguards
• And more...
These regulations apply to all dealerships, no matter what size or type. In implementing the above regulations, dealers must consider all aspects of their operations, including employee training, information systems, managing system failures, and more.
Does your dealership comply with all of the above regulations? If you’ve never specifically planned to review and address the GLB Safeguards requirements, the answer is almost certainly no. To learn more about automotive compliance and get started auditing and improving your dealership’s compliance operations, please contact Total Dealer Compliance today.