FTC Safeguards Rule

Protecting your customer’s information starts here

FTC Safeguards Rule Are Now In Effect.
Is your dealership compliant?

What is the FTC Safeguards Rule?

The FTC Safeguards Rule requires auto dealerships to implement measures to protect customer data, including physical, electronic, and procedural safeguards. The rule applies to any dealership that handles customer information, regardless of size or number of employees. That means it's time to start looking for a company you can trust to get you on the right track.

AutoJini has been providing IT services for 20+ years to independent dealers and large automotive groups. We can provide your business with a complete solution to ensure compliance with FTC Safeguards Rule. Take the guesswork out of FTC Safeguards Rule, schedule a no obligation consultation today!

What are the 9 requirements of the FTC Safeguards Rule?

  1. Appoint a Qualified Individual to oversee its entire information security program
  2. Conduct a written risk assessment to identify potential risks to customer data.
  3. Implement Safeguards controls to address the risks identified in the risk assessment.
  4. Regularly monitor and test safeguards
  5. Develop an Information Security Program (ISP)
  6. Train your staff - Require Security Awareness Training for your staff and contractors that have access to customer nonpublic personal information (NPI)
  7. Monitor your service providers
  8. Create an Incident Response Plan and additional policies required by the Information Security Program (ISP)
  9. Qualified Individual must submit annual written reports to the board of directors or owner(s) of the dealership

FTC has defined NPI term to include almost all information a dealership maintains on a customer, including names, addresses, date of birth. It is recommended to protect all customer information in accordance with new FTC Safeguards Rule.

What are the consequences of non-compliance?

Non-compliance with the FTC Safeguards Rule can result in significant penalties and damage to a dealership’s reputation. The FTC can bring legal action against non-compliant dealerships, which can result in fines, legal fees, and even closure of the business.

In addition, customers who are affected by a data breach will lose trust in your dealership and can take their business to your competitor.

How can dealerships ensure compliance with the FTC Safeguards Rule?

  1. Regularly assessing potential risks to customer data.
  2. Developing and implementing policies and procedures to address identified risks.
  3. Regularly training employees on data security best practices.
  4. Regularly monitoring and testing the effectiveness of the information security program.
  5. Overseeing service providers to ensure they also have appropriate safeguards in place.

By taking these steps, you can protect your customers’ sensitive data, reduce the risk of a data breach, and ensure compliance with the FTC Safeguards Rule.

The FTC Safeguards Rule is an important guideline for your auto dealerships to follow in order to protect your customers’ sensitive data. By developing and implementing a comprehensive information security program, your dealership can reduce the risk of a data breach, protect your customers’ information, and ensure compliance with the FTC Safeguards Rule.

AutoJini, can help ensure your dealerships' compliance with the FTC Safeguards Rule:

  • Written Risk Assessment
  • Access Controls
  • Data and Systems Inventory
  • Data Encryption
  • Written Incident Response Plan
  • Secure Development Practices
  • Multi-Factor Authentication
  • System Monitoring & Logging
  • Secure Data Disposal Procedures
  • Change Management Procedures
  • Security Awareness Training
  • Oversee Service Providers
  • Periodic Review of Security Program
  • Annual Report to Board

Approved Vendor of