Which statute addresses security and privacy matters in the financial industry?

The Gramm-Leach-Bliley Act (GLBA) is the statute that specifically addresses security and privacy matters in the financial industry. Enacted in 1999, the GLBA mandates financial institutions to protect consumer information and provide transparency about their information-sharing practices. It requires institutions to implement safeguards for customer data and to disclose their privacy policies to consumers, ensuring that individuals understand how their personal information will be used.

The act comprises three primary provisions: the Financial Privacy Rule, which governs the collection and disclosure of customers' personal financial information; the Safeguards Rule, which requires financial institutions to implement security measures to protect such data; and the Pretexting Protection Rule, which prohibits obtaining customer information under false pretenses.

In contrast, the other statutes mentioned focus on different sectors and issues. FERPA pertains to the privacy of student education records, SOX relates to corporate governance and financial practices for publicly traded companies, and HIPAA addresses the privacy and security of health information within the healthcare industry. Thus, the GLBA uniquely aligns with the financial sector's needs concerning security and privacy.