This is the emerging expectation of state and federal securities regulators. For instance, the State of Massachusetts recently adopted a comprehensive and restrictive set of requirements to prevent client data security breaches, which must be met by any investment adviser with a client residing in Massachusetts. Under the this new regulation, an investment adviser firm with a client residing in Massachusetts must develop, implement, maintain and monitor a comprehensive written information security program and ensure that confidential client information stored on portable devices is encrypted.
Likewise, the U.S. Securities and Exchange Commission (“SEC”) has heightened its focus upon how investment adviser firms are safeguarding confidential client information. This increased attention upon the protection of confidential client data has manifested itself in an SEC enforcement action under Regulation S-P against a broker-dealer/investment adviser that was a victim of hacking and a proposal by the SEC to amend Regulation S-P with more specific safeguards for protecting confidential client information.
If you would like to learn more about the proposed and recently passed requirements for protecting confidential client data and best practices, please join us for our webinar, Beyond the Privacy Notice, on Thursday, April 15, 2010, from 12:00 – 1:00 p.m. Central. You can purchase your seat for $59.95 by clicking here.