Division of Consumer Services Information Security Resources
The Washington State Department of Financial Institutions Division of Consumer Services is concerned with the security of consumer information.
Not maintaining confidentiality, integrity, and availability of information can result in direct harm to consumers and operational and reputational risk for companies.
Ransomware Self Assessment Tool
This ready-to-use ransomware tool will allow your company leadership to assess the organization’s efforts to control and mitigate risks associated with the threat of ransomware and to identify gaps in your security. Use of this tool is voluntary unless otherwise dictated.
Ransomware Self Assessment Tool
Resources
The following are resources regarding information security:
- Resource List
- Questions and Scenarios to Consider
- Information Security Topics
- Most Likely Suspects
- Protect These Records
Washington Administrative Code
The following Washington Administrative Code relate to information security:
Consumer Loan Companies
WAC 208-620-490 (5) | What are my reporting responsibilities when something of significance happens to my business? |
WAC 208-620-531 | Must I have a business resumption plan? |
WAC 208-620-532 | Records disposal |
WAC 208-620-571 | Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act |
WAC 208-620-572 | Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P |
WAC 208-620-573 | Notice to consumers of data breach |
Mortgage Brokers
WAC 208-660-400 (2)(e) | Reporting requirements and notices to the department |
WAC 208-660-460 | Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act |
WAC 208-660-470 | Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P |
WAC 208-660-480 | Notice to consumers of data breach |
WAC 208-660-490 | Business resumption plan |
Money Service Providers
WAC 208-690-110 (10) | Report of material change |
WAC 208-690-240 | Cyber security program |
WAC 208-690-250 | Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act (GLBA) |
WAC 208-690-260 | Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P |
WAC 208-690-270 | Notice to consumers of data breach |
WAC 208-690-280 | Business resumption plan |
Escrow Agents
WAC 208-680-532 | Information security program required by the federal Safeguards Rule implementing the Gramm-Leach-Bliley Act |
WAC 208-680-534 | Consumer financial information privacy under the Gramm-Leach-Bliley Act (GLBA) and Regulation P |
WAC 208-680-536 | Notice to consumers of data breach |
WAC 208-680-538 | Business resumption plan |
WAC 208-680-265 | (4)(i) - Reporting significant events |