[Federal Register Volume 75, Number 71 (Wednesday, April 14, 2010)]
[Notices]
[Pages 19464-19465]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2010-8470]


-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

Office of Thrift Supervision


Interagency Guidance on Response Programs for Unauthorized Access 
to Customer Information and Customer Notice

AGENCY: Office of Thrift Supervision (OTS), Treasury.

ACTION: Notice and request for comment.

-----------------------------------------------------------------------

SUMMARY: The proposed information collection request (ICR) described 
below has been submitted to the Office of Management and Budget (OMB) 
for review and approval, as required by the Paperwork Reduction Act of 
1995. OTS is soliciting public comments on the proposal.

DATES: Submit written comments on or before May 14, 2010. A copy of 
this ICR, with applicable supporting documentation, can be obtained 
from RegInfo.gov at http://www.reginfo.gov/public/do/PRAMain.

FOR FURTHER INFORMATION CONTACT: For further information or to obtain a 
copy of the submission to OMB, please contact Ira L. Mills at, 
[email protected] (202) 906-6531, or facsimile number (202) 906-
6518, Regulations and Legislation Division, Chief Counsel's Office, 
Office of Thrift Supervision, 1700 G Street, NW., Washington, DC 20552.

SUPPLEMENTARY INFORMATION: OTS may not conduct or sponsor an 
information collection, and respondents are not required to respond to 
an information collection, unless the information collection displays a 
currently valid OMB control number. As part of the approval process, we 
invite comments on the following information collection.
    Title of Proposal: Interagency Guidance on Response Programs for 
Unauthorized Access to Customer Information and Customer Notice.
    OMB Number: 1550-0110.
    Form Number: N/A.
    Regulation requirement: 12 CFR Part 570.
    Description: The collection helps to establish standards for 
financial institutions relating to administrative, technical, and 
physical safeguards to: (1) Ensure the security and confidentiality of 
customer records and information; (2) protect against any anticipated 
threats or hazards to the security or integrity of such records; and 
(3) protect against unauthorized access to or use of such records or 
information that could result in substantial harm or inconvenience to 
any customer.
    A response program, of which this collection is a critical part, 
contains policies and procedures that enable the financial institution 
to: (a) Assess the situation to determine the nature and scope of the 
incident, and identify the information systems and types of customer 
information affected; (b) notify the institution's primary Federal 
regulator and, in accordance with applicable regulations and guidance, 
file a Suspicious Activity Report and notify appropriate law 
enforcement agencies; (c) take measures to contain and control

[[Page 19465]]

the incident to prevent further unauthorized access to or misuse of 
customer information, including shutting down particular applications 
or third party connections, reconfiguring firewalls, changing computer 
access codes, and modifying physical access controls; and (d) address 
and mitigate harm to individual customers.
    Type of Review: Extension of a currently approved collection.
    Affected Public: Business or other for-profit.
    Estimated Number of Respondents: 657.
    Estimated Burden Hours per Response: 16 hours for developing the 
notice and 20 hours for notifying the customer.
    Estimated Frequency of Response: On occasion.
    Estimated Total Burden: 16,912 hours.
    Clearance Officer: Ira L. Mills, (202) 906-6531, Office of Thrift 
Supervision, 1700 G Street, NW., Washington, DC 20552.

    Dated: April 8, 2010.
Ira L. Mills,
Paperwork Clearance Officer, Office of Chief Counsel, Office of Thrift 
Supervision.
[FR Doc. 2010-8470 Filed 4-13-10; 8:45 am]
BILLING CODE 6720-01-P