Still Not Ready for This Year’s Safeguards Rule? Here’s What to Know

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
AutoSuccess Online
The No. 1 Sales-Improvement Source for the Automotive Professional
Blog

Alarming Number of Dealers Are Still Not Ready for This Year’s Safeguards Rule — Here’s What to Know

The ruling oversees how financial institutions protect consumer data, and dealerships must implement changes to protect their consumer data.

Ken Hill
By Ken Hill
Ken Hill is managing director for 700Credit, a leading provider of credit reports, compliance, identity verification and soft pull products. For more information, visit www.700credit.com.
Published:

The Federal Trade Commission’s (FTC) Safeguards Rule kicks into effect this year, and while some parts have already become official, other areas of the legislation have been extended to June. The law requires stricter information security programs for consumers, meaning U.S. auto dealership executives have a heavy task of strengthening their information systems security.

Related Articles

The ruling oversees how financial institutions protect consumer data, and dealerships must implement changes to protect their own consumer data, but they also must have a formal training program for their employees and third-party audits in place to ensure their entire list of vendors are also following these guidelines.

Even though parts of the rule have been extended to June, a recent poll raised alarms in illustrating just how many dealers have yet to become compliant in many areas. On a recent dealer-focused webinar, 36% said they are just getting started with their compliance plans, 26% said they are halfway there, and 25% said they are nearly done.

This is definitely concerning since several key components of the ruling have already gone into effect:

Some Parts of the Rule Are Already in Effect

Dealers must now show they are in compliance with risk assessments, information security programs, and establishing capable service providers and contractually obligate service providers. They must also be able to regularly test or otherwise monitor the effectiveness of the safeguards’ key controls, systems, and procedures, including those to detect actual and attempted attacks on, or intrusions into, information systems. Lastly, they must be able to periodically perform additional risk assessments and adjust the ISP accordingly.

The items that were delayed until June 9 include designating qualified individuals, written risk assessments, and designing and implementing various administrative, technical, and physical safeguards, including various physical and technical access controls, multi-factor authentication, encryption, activity logging, and change management procedures.

What’s more, dealers also had until June 9 to complete a continuous monitoring of their information systems, mandatory security awareness training, periodic assessments of service providers, incident response plans, and an annual status reporting functionality.

The webinar poll also showed that 44% of dealers have not provided the mandatory security awareness training to their employees, and 73% have not conducted simulated phishing attacks on their employees.

What’s Key In Becoming Compliant

It will be important for dealers to designate individuals within the dealership who are trained in taking ownership of these new regulations and to ensure everyone is ready. Any educational curriculum must be designed so that each employee is trained in all facets of the new regulation with full comprehension of each component.  

Aside from education and training of new programs, the way dealers and any employees handle consumer data and privacy information will be paramount to compliance. Dealers would be wise to take inventory of every possible way they receive consumer data and information, from the beginning of the process with advertising and marketing insights that enters the top of the funnel, all of the search-engine and social media data they receive through promotions and interactions, website information and insights, and certainly consumer information through the service lane. Modern retailing has opened an abundance of new opportunities for dealers to reach new customers, but it also represents so many new opportunities to collect consumer data that now needs to be scrutinized under the new regulations.

The new Safeguards Rule will ultimately help dealers better protect their customers’ valuable data and information — a practice that better manages the risks associated with today’s internet-heavy focus on customer interaction and transaction. There are significant challenges and hurdles in the near term for dealers and their vendor partners. However, with the right guidance and expert counsel, dealers and their partners can achieve this critical compliance and train each employee on the new rules in place so that they can provide their customers with the trust they need to do business in this era of modern retailing.

There is no way around being compliant, and dealers must realize there is also no grey area. There still remains a large number of dealers who are not fully compliant, and the time is now to partner with trusted experts who can help finalize all plans.

Ken Hill is managing director for 700Credit, the automotive industry’s leading provider of credit reports, compliance and soft pull products. For more information, visit www.700credit.com.

You May Also Like

How Auto Retailers Are Leveraging Advanced Connected Vehicle Data for Optimized Lot Management Solutions
Hybrids Offer Alternative to Electric Vehicles
article based on Remora webinar Money for Nothing, Happiness for Free
Blog

Getting to Our Ultimate ‘Why?’

Understanding our core reasons will drive our efforts to success.

Chris Saraceno
By Chris Saraceno
Chris Saraceno is the Vice President & Partner of the Kelly Automotive Group. Visit kellycar.com.
Published:
sail boat - freedom

While there are many resources that can assist us in learning, setting goals, getting fit, eating right, building exceptional relationships and all the other things we desire to do to live our best lives, there’s one question we must answer, and it’s one that no one can answer for us.

Read Full Article

More Blog Posts
How AI is Enhancing Vehicle Inspections for Car Buying, Selling and Transportation

AI offers three distinct advantages for vehicle inspections that can significantly increase efficiency and bolster confidence for the industry.

By AutoSuccess Contributor
AI vehicle inspection, artificial intelligence
Navigating Tomorrow’s Roads: 5 Trends Shaping the Future of Commercial Automotive in 2024

Dealerships who offer dedicated commercial service bays or who provide mobile service offerings enhance their value.

By Kathryn Schifferle
Work Truck Solutions blog - ebike delivery in city
The Dealership Flywheel: A Perspective from X-Amazonian

Customer obsession is key. Every dealership must have processes in place to never fail a customer.

By Ben Ayed
service customer and mechanic
New Research Reveals Age and Gender Differences in Vehicle Add-On Purchases

Are there certain age/gender demographics with a higher propensity of purchasing any specific set of VPPs? This study sheds light on consumer preferences and priorities when it comes to safeguarding and maintaining vehicles.

By AutoSuccess Contributor
study about age and gender differences - man and woman

Other Posts

FTC Announces CARS Rule to Fight Vehicle Shopping Scams

Combating Auto Retail Scams Rule targets bait-and-switch tactics, junk fees; includes clear protections for military members, who are frequent targets for vehicle scams.

By AutoSuccess Staff Writers
Protect Your Dealership

Thirty-four percent of dealers are still lost concerning certain key components of Safeguards law compliance.

By Ken Hill
How Generative AI Is Impacting Auto Lending Compliance

What is often left out of recent headlines, is the extraordinary power of AI to reduce harm, including fair lending and discrimination risks.

By AutoSuccess Contributor
5 Predictions for Front-Line Chat Solutions

In the next few years, prepare for a chat solution that must act like a personal greeter to every customer who visits your digital showroom.

By Carol Marshall