If you're building or reviewing privacy programs for SEC-registered firms, this walks you through Reg S-P privacy notices, the Safeguards Rule's written information security requirements, and Reg S-ID identity theft prevention. It covers the practical stuff like vendor risk assessments, breach notification triggers across state lines, and whether you qualify for the FAST Act annual notice exception. The source material gets into serious detail on what administrative, technical, and physical safeguards actually mean and how the Red Flags Rule applies to covered accounts. Honestly most useful when you're prepping for a cybersecurity exam or responding to an actual incident and need to know exactly what the regulations require, not just best practices.
npx skills add https://github.com/joellewis/finance_skills --skill privacy-data-security