NPI stands for Non-Public Personal Information, a term used in the United States to describe personally identifiable financial information that is not publicly available. It is a critical concept under the Gramm-Leach-Bliley Act (GLBA), which mandates that financial institutions collect, use, and protect NPI with stringent safeguards to ensure the confidentiality and integrity of customer data.
Understanding NPI:
NPI refers to any information that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise publicly available. NPI encompasses:
- Any information an individual provides to obtain a financial product or service (e.g., name, address, income, Social Security number, or details on an application).
- Any information obtained from a transaction involving financial products or services (e.g., customer status, account numbers, payment history, loan or deposit balances, and credit or debit card purchases).
- Any information acquired in connection with offering a financial product or service (e.g., data from court records or consumer reports).
- However, NPI does not include information that you have a reasonable basis to believe is lawfully made publicly available.
For a deeper understanding of what constitutes NPI and the distinction between non-public and publicly available data, visit the Federal Trade Commission’s (FTC) webpage on GLBA compliance.