Under the Gramm-Leach-Bliley Act, what is required of companies regarding customer information?

The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to implement measures to protect consumers' private financial information. Specifically, one of the key mandates of the GLBA is the development of written information security plans. These plans outline how companies will safeguard personal data, detailing the organization's policies and procedures to secure sensitive information against unauthorized access, data breaches, or misuse.

This requirement is significant because it compels institutions to be proactive in assessing their security risks and implementing appropriate measures to protect customer information. Creating a well-structured written security plan is a foundational step in compliance with the act, ensuring that financial institutions take the necessary precautions to maintain consumers' trust and safeguard their personal data.

The other options do not correctly reflect the specific mandates of the GLBA. For instance, while affiliated business arrangements and marketable title documentation play important roles in real estate and financial industries, they are not central to the goals set by the GLBA regarding consumer privacy. Immediate reporting of data breaches is a related concern but is not explicitly required by the GLBA; rather, various other legislation may impose such requirements.