Division of Consumer Services Information Security Resources

The Washington State Department of Financial Institutions Division of Consumer Services is concerned with the security of consumer information.

Not maintaining confidentiality, integrity, and availability of information can result in direct harm to consumers and operational and reputational risk for companies.

Ransomware Self Assessment Tool

This ready-to-use ransomware tool will allow your company leadership to assess the organization’s efforts to control and mitigate risks associated with the threat of ransomware and to identify gaps in your security. Use of this tool is voluntary unless otherwise dictated.

Ransomware Self Assessment Tool

Resources

The following are resources regarding information security:

Washington Administrative Code

The following Washington Administrative Code relate to information security:

Consumer Loan Companies

WAC 208-620-490 (5) What are my reporting responsibilities when something of significance happens to my business?
WAC 208-620-531 Must I have a business resumption plan?
WAC 208-620-532 Records disposal
WAC 208-620-571 Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act
WAC 208-620-572 Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P
WAC 208-620-573 Notice to consumers of data breach

Mortgage Brokers

WAC 208-660-400 (2)(e) Reporting requirements and notices to the department
WAC 208-660-460 Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act
WAC 208-660-470 Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P
WAC 208-660-480 Notice to consumers of data breach
WAC 208-660-490 Business resumption plan

Money Service Providers

WAC 208-690-110 (10) Report of material change
WAC 208-690-240 Cyber security program
WAC 208-690-250 Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act (GLBA)
WAC 208-690-260 Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P
WAC 208-690-270 Notice to consumers of data breach
WAC 208-690-280 Business resumption plan

Escrow Agents

WAC 208-680-532 Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act
WAC 208-680-534 Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P
WAC 208-680-536 Notice to consumers of data breach
WAC 208-680-538 Business resumption plan
WAC 208-680-265 (4)(i) - Reporting significant events