Financial institutions today are asked to incorporate the rules that instruct them to develop a security plan that encompasses the protection of client’s personal information not privy to the public.  What needs to be accomplished is safeguard changes as needed in regards to how the information is used, collected and stored.  The program after being developed should be tested and monitored on a regular basis to ensure the information is secure.  In addition, a designated employee should be appointed to manage the safeguards.  This sounds like a lot of work but Access Certification is serious and it needs to be taken seriously.  By not having proper access certification that works, companies have been devastated by the theft and violations.