Which of the following actions is not included in the Gramm-Leach-Bliley Act recommendations for securing customer information?

The Gramm-Leach-Bliley Act (GLBA) is designed to protect the privacy of consumer financial information. One of the key components of the act is the requirement to implement measures to ensure the security of customer information, which includes specific recommendations for safeguarding that data.

The action of referring business to third-party service providers does not directly relate to the protective measures outlined by the GLBA for securing customer information. While the act does address the need for financial institutions to take responsibility for the protection of consumer data, it does not list referring third parties as a method of securing that data. In fact, relationships with third-party service providers require additional diligence and oversight under the GLBA, to ensure they maintain appropriate safeguards for customer information.

In contrast, locking rooms and file cabinets helps physically secure sensitive information, sharing employee passwords can compromise security, and encrypting data protects it during transmission or storage, all of which are proactive measures explicitly encouraged by the GLBA to maintain the confidentiality and integrity of customer information.