Thank you for using JustAnswer. There's no specific Federal consumer privacy law. A couple of bills have been introduced (https://www.govtrack.us/congress/bills/114/s1158; https://www.govtrack.us/congress/bills/114/hr1770) but these have not been voted on by Congress, much less sent to the President to be signed. You can find the patchwork of laws and regulations that are in place here: https://www.ftc
.gov/news-events/media-resources/protecting-consumer-privacy Financial institutions are required to take steps to protect the privacy of consumers’ finances under a federal law called the Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act. The FTC is one of eight federal agencies that enforces provisions of Gramm-Leach Bliley, and the law covers not only banks, but also securities firms, and insurance companies, and companies providing many other types of financial products and services. Under the law, agencies enforce the Financial Privacy Rule, which governs how institutions can collect and disclose of customers' personal financial information; the Safeguards Rule, which requires all financial institutions to maintain safeguards to protect customer information; and another provision designed to prevent individuals and companies from gaining access to consumers’ personal financial information under false pretenses, a practice known as "pretexting." (http://www.gpo.gov/fdsys/pkg/PLAW-106publ102/html/PLAW-106publ102.htm) When companies tell consumers they will safeguard their personal information, the FTC can and does take law enforcement action to make sure that companies live up these promises. The FTC has brought legal actions against organizations that have violated consumers’ privacy rights, or misled them by failing to maintain security for sensitive consumer information. In many of these cases, the FTC has charged the defendants with violating Section 5 of the FTC Act, which bars unfair and deceptive acts and practices in or affecting commerce. In addition to the FTC Act, the agency also enforces other federal laws relating to consumers’ privacy and security. In addition, HIPAA protects medical records, but only applies to healthcare providers and other related entities. 42 U.S.C. § 1320a-7c. Hope that clears things up a bit. If you have any other questions, please let me know. If not, and you have not yet, please rate my answer AND press the "submit" button, if applicable. Please note that I don't get any credit for my answer unless and until you rate it a 3, 4, 5 (good or better). Thank you, ***** ***** luck to you!