Joint Release
Board of Governors of the Federal Reserve System
Federal Deposit Insurance Corporation
Office of the Comptroller of the Currency
Office of Thrift Supervision
For immediate release December 21, 2004
Agencies Announce Final Rules on Disposal of Consumer Information
The federal bank and thrift regulatory agencies today announced interagency final rules
to require financial institutions to adopt measures for properly disposing of consumer
information derived from credit reports.
Current law requires financial institutions to protect customer information by
implementing information security programs. The final rules require institutions to make
modest adjustments to their information security programs to include measures for the
proper disposal of consumer information. They also add a new definition of "consumer
information."
The agencies' final rules implement section 216 of the Fair and Accurate Credit
Transactions Act of 2003 (FACT Act) and include this new statutory requirement in the
Interagency Guidelines Establishing Standards for Safeguarding Customer Information
(retitled the Interagency Guidelines Establishing Standards for Information Security),
which were adopted in 2001.
The final rules will take effect on July 1, 2005.
The Federal Register notice is attached.
# # #
Attachment
Media Contacts:
Federal Reserve Susan Stawick (202) 452-2955
FDIC David Barr (202) 898-6992
OCC Dean DeBuck (202) 874-5770
OTS Erin Hickman (202) 906-6677
FDIC-PR-128-2004
Board of Governors of the Federal Reserve System
Federal Deposit Insurance Corporation
Office of the Comptroller of the Currency
Office of Thrift Supervision
For immediate release December 21, 2004
Agencies Announce Final Rules on Disposal of Consumer Information
The federal bank and thrift regulatory agencies today announced interagency final rules
to require financial institutions to adopt measures for properly disposing of consumer
information derived from credit reports.
Current law requires financial institutions to protect customer information by
implementing information security programs. The final rules require institutions to make
modest adjustments to their information security programs to include measures for the
proper disposal of consumer information. They also add a new definition of "consumer
information."
The agencies' final rules implement section 216 of the Fair and Accurate Credit
Transactions Act of 2003 (FACT Act) and include this new statutory requirement in the
Interagency Guidelines Establishing Standards for Safeguarding Customer Information
(retitled the Interagency Guidelines Establishing Standards for Information Security),
which were adopted in 2001.
The final rules will take effect on July 1, 2005.
The Federal Register notice is attached.
# # #
Attachment
Media Contacts:
Federal Reserve Susan Stawick (202) 452-2955
FDIC David Barr (202) 898-6992
OCC Dean DeBuck (202) 874-5770
OTS Erin Hickman (202) 906-6677
FDIC-PR-128-2004