📘 Privacy Rule: Teller Responsibilities
Step Type: Text
What learners will learn: How tellers apply GLBA Privacy Rule requirements in branch interactions.
Step Description: This step explains teller duties under the GLBA Privacy Rule, including delivering privacy notices to customers, handling questions about privacy policies, determining permissible disclosures of nonpublic personal information (NPI), and escalating issues to management or compliance when guidance is unclear. The step provides clear procedures for interacting with customers while maintaining regulatory compliance.
Summary of Content: Tellers practice understanding Privacy Notice delivery, permissible disclosures, responding to customer privacy questions, and escalation protocols for compliance.
Key Topics Covered:
Delivery of GLBA Privacy Notices
Permissible disclosures of nonpublic personal information (NPI)
Handling customer privacy questions
Escalation when privacy guidance is unclear
📘 Safeguards Rule: Protecting NPI in Branch Operations
Step Type: Scenario
What learners will learn: Operational steps to protect customer data in teller interactions.
Step Description: This step presents scenarios involving day-to-day branch operations where sensitive customer information must be protected. It covers workstation security, private conversation protocols, document handling procedures, and digital security measures. The scenarios require decision-making at multiple points to reinforce proper safeguarding practices and adherence to the GLBA Safeguards Rule.
Summary of Content: Tellers practice securing workstations, managing paper documents, and applying digital safeguards in realistic branch situations.
Key Topics Covered:
Screen visibility and workstation security
Conducting private conversations
Proper handling of paper documents
Following digital security protocols
📘 Handling Customer Opt-Out Requests
Step Type: MultiChoice
What learners will learn: How tellers recognize, document, and escalate customer requests to opt-out of information sharing.
Step Description: This step presents scenarios in which customers exercise their rights to opt out of information sharing. It details how to identify opt-out requests, explain customers’ rights accurately, and follow the correct escalation procedures to management or compliance for processing and documentation.
Summary of Content: Tellers reinforce correct identification, response, and escalation of opt-out requests according to GLBA requirements.
Key Topics Covered:
Identifying customer opt-out requests
Explaining opt-out rights accurately
Escalation procedures for compliance
📘 Pretexting and Social Engineering Awareness
Step Type: True or False
What learners will learn: How to recognize and respond to attempts to obtain NPI via deceptive methods.
Step Description: This step provides guidance on recognizing and responding to deceptive attempts to obtain customer information, including phone calls, emails, or in-person requests. It emphasizes identifying red flags, verifying identities before disclosing information, refusing inappropriate requests, and escalating suspicious interactions according to internal policies and GLBA requirements.
Summary of Content: Tellers learn to identify social engineering, verify identities, refuse inappropriate requests, and escalate suspicious activity.
Key Topics Covered:
Recognizing pretexting or social engineering attempts
Identity verification best practices
Escalation of suspicious requests
Regulatory rationale under GLBA
📘 Record Disposal and Security
Step Type: Streak
What learners will learn: Proper procedures for securing and disposing of physical and electronic customer information.
Step Description: This step covers procedures for securing and disposing of both physical and electronic customer records. It outlines locking computer screens and devices, properly storing paper documents, shredding sensitive information, and following digital security protocols to protect NPI from unauthorized access, consistent with the GLBA Safeguards Rule.
Summary of Content: Tellers learn how to lock screens, secure documents, and shred records, maintaining GLBA Safeguards Rule compliance.
Key Topics Covered:
Locking computer screens and devices
Securing paper documents
Shredding and proper disposal procedures
Protecting NPI from unauthorized access
📘 Escalation Protocols for Suspicious Information Requests
Step Type: Scenario
What learners will learn: When and how to escalate suspicious or potentially non-compliant requests for customer information.
Step Description: This step presents branching scenarios where suspicious requests for customer information are encountered. It details how to recognize red flags, follow internal escalation chains, document incidents properly, and involve management or compliance as required to maintain regulatory compliance under GLBA Privacy and Safeguards Rules.
Summary of Content: Tellers review escalation chains, recognize red flags, and document incidents in accordance with regulatory expectations.
Key Topics Covered:
Recognizing suspicious NPI requests
Escalation to management or compliance
Documentation of incidents
Alignment with GLBA Privacy and Safeguards Rules