NPI stands for Non-Public Personal Information, a term used in the United States to describe personally identifiable financial information that is not publicly available. It is a critical concept under the Gramm-Leach-Bliley Act (GLBA), which mandates that financial institutions collect, use, and protect NPI with stringent safeguards to ensure the confidentialityConfidentiality is the principle of ensuring that informatio... More and integrityIn the context of data security and privacy, integrity refer... More of customer data.
Understanding NPI:
NPI refers to any information that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise publicly available. NPI encompasses:
- Any information an individual provides to obtain a financial product or service (e.g., name, address, income, Social Security number, or details on an application).
- Any information obtained from a transaction involving financial products or services (e.g., customer status, account numbers, payment history, loan or deposit balances, and credit or debit card purchases).
- Any information acquired in connection with offering a financial product or service (e.g., data from court records or consumer reports).
- However, NPI does not include information that you have a reasonable basis to believe is lawfully made publicly available.
For a deeper understanding of what constitutes NPI and the distinction between non-public and publicly available data, visit the Federal Trade Commission’s (FTC) webpage on GLBA compliance.