Updated Tue July 19, 2022
Published Under: Dealership
Auto dealers need to act now to ensure the safety of their customers with the upcoming Federal Trade Commission (FTC) Safeguards Rule changes. This will require dealers to undertake a series of extensive procedural, technical, and contractual steps to protect the consumer and other personal data.
Watch the video to be aware of the urgency and requirements that are needed for your dealership to stay educated while keeping you compliant.
List of FTC Safeguards Rule Requirements
Your auto dealers will need to adhere to the following to comply with the law and better protect customers.
- A written assessment, including risk criteria and how the dealership’s information security program will address and mitigate risks. Additional periodic risk assessments
- A written incident response plan including goals, communication plans, processes, and roles
- Designation of a single “qualified individual” to oversee the dealership’s information security program
- Identify and manage your data, personnel, devices, systems, and facilities
- Technical and physical access control
- Encryption of all customers’ information in transit and at rest, and documented retention and disposal procedures for customer information
- Enable Multi-Factor Authentication (MFA) for all systems containing customers’ nonpublic information
- Change management procedures for modifying information systems
- Policies, procedures, and controls to monitor and log activity
- Continuous monitoring of information systems or annual penetration testing and twice-yearly vulnerability assessments
- Annual reports to the board of directors on compliance and status
When are the Requirements Being Enforced?
The amended Rule’s requirements must all be completed by December 9, 2022, which is why it’s so urgent to act now.
How VGM Forbin Can Help
Let our experts at VGM Forbin help you strengthen your security standards. Contact VGM Forbin or call us at (877) 659-5241 to start this process with our IT Team.
Comments