Certain rules included in the Gramm-Leach-Bliley Act (An act that imposed requirements on financial institutions to protect the privacy of nonpublic personal information of their clients). and the implementing rules and regulations from the Federal Trade Commission, which are designed to ensure the security and privacy of taxpayer information, apply to providers.
Providers must implement appropriate security and privacy practices. Such practices must be appropriate for their business activities (size, complexity, nature, scope, etc.).