The Gramm-Leach-Bliley Acts Safeguards Rule requires those institutions to develop, implement, and maintain a comprehensive information security program.