Understanding the FTC Safeguards Rule - DAKCS Perspective

Understanding the FTC Safeguards Rule - DAKCS Perspective

DAKCS Perspective

Based on our understanding of the Safeguard Rule set forth by the FTC, any policies and procedures required can be handled at the network level, and not the individual applications, such as Beyond,  that are used when accessing consumer data. 

Our SOC demonstrates that we have more than sufficient security standards in place. Also, if the agency has dual-factor authentication for a workstation log-in before the employee gets to our software, that would be compliant. Their security program needs to have a vendor management section to it, so that would be where they ask for our SOC to prove they have assessed our security.

If you are interested in using Multi-Factor Authentication at the application level Beyond supports it. Agencies will need to set each user up with an email address in the User Setup section before enabling the feature. 

What is the Safeguards Rule?

The Gramm-Leach-Bliley Act (GLBA) requires that covered financial institutions, including debt collectors, protect the security of their customer's financial information. In 2021, the Federal Trade Commission made the first major changes to these requirements in almost 20 years and gave companies one year to comply with the Standards for Safeguarding Customer Information—the Safeguards rule.

The rule requires financial institutions to develop, implement, and maintain a comprehensive information security program June 9, 2023 which is the new effective date.

Read the text of the amended rule as well as articles breaking down compliance with the rule, review the comprehensive ACA SearchPoint document on the Safeguards Rule, listen to related recordings of ACA’s members-only ACA Huddle, and more.

DAKCS Article in Customer Portal - Multi-Factor Authentication in Beyond

Please reach out if you have further questions in regards to the Safeguards Rule, and sign up for the Product Lab if you would like for us to set up a roundtable discussion on this topic. 


The DAKCS Team

    • Related Articles

    • DAKCS and Hunstein Case Commonly Asked Questions

      Based on last month’s chat and some questions that have come up in the past few weeks, requests were made for a reference document for Hunstein similar to our previous TCPA Compliance QwikDial document. Matthew Snedden with Beyond Investments worked ...
    • DAKCS Privacy and Security Policy

      See Attachment
    • DAKCS Operating System Policy

      Overview This document explains DAKCS Software Systems Inc.'s policies for the operating systems we support for both servers and software clients, and for the web browsers for DAKCS services. We define the life cycle and end dates for running our ...
    • DAKCS Standard Non-Disclosure Agreement

      DAKCS Standard Non-Disclosure Agreement      WHEREAS, for the purpose as stated in Section 2 below, DAKCS and the Company (collectively referred to as the "Parties" and individually referred to as a "Party") have determined to establish terms ...
    • QwikDial for TCPA and ATDS - FB v. Duguid Ruling

      QwikDial for TCPA and ATDS Definition During our April Community Chat, we had a deeper discussion about the latest FB v Duguid ruling. Here is a helpful article that explains the ruling in detail written by Eric Troutman with TCPAWorld. This ruling ...