Mosaic will be showcasing our Safeguards Solution for dealerships.

Is your Safeguards program bulletproof?

Stop by Booth 1804 at the NADA Expo in Dallas and find out! By filling out a simple web-based questionnaire you can confirm what you’re doing right and what still needs to happen, along with a reasonable estimate of what complete compliance will cost.

You can leave with a copy of our white paper on the topic, as well as a piece of swag that is sure to get TSA’s attention. Don’t worry – it’s a bottle opener. For Mosaic Compliance Services, I’m Jim Ganther, and I hope to see you in Dallas!

See us at booth #1804.

Mosaic is excited to be attending NADA Show 2023. See us at booth #1804. We'd love to speak with you about your compliance needs.

We solve your compliance problems - affordably!

Mosaic Compliance Services was founded in 2006 by attorneys focused on dealership defense. Over the years, Mosaic has increased the scope of its compliance solutions while consistently driving down our cost, resulting in our private-labeled program winning the Dealers' Choice Diamond Award for Compliance Training seven years in a row (2016 - 2022).

Whether your dealership's compliance concerns involve the revised Safeguards Rule, F&I and sales practices, or sexual harassment, let Mosaic craft a solution that won't break the bank.

Visit our show page to see our team attending the show and learn more about our offerings. See you there!

Deadline Extended

As you recall, the original enforcement date for the revised Safeguards Rule was December 9th, 2022. By the time you're watching this that day has passed. Fortunately, on November 15th, the FTC postponed enforcement of the revised rule.

Many dealers (probably most) took the news as allowing them to back-burner safeguards compliance. There are many dealers out there who are acting as if they don't need to think about safeguards compliance until June rolls around. Spoiler alert—bad idea. Did the FTC delay enforcement of all the rule's requirements? Or just a few? Sadly it was just a few. So if your dealership is not already in substantial compliance with the rule, you are on shaky legal ground.

The Rule's Requirements

Let's look at what the FTC actually postponed. Here's a list of the requirements dealerships must comply with under the revised Safeguards Rule.

• Qualified Individual

• Written Risk Assessment

• Access Controls

• Encryption

• Training for Security Personnel

• Incident Response Plan

• Service Provider Oversight

• Multifactor Authentication

• Continuous Vulnerability Scanning

• Data and Systems Inventory

• Systems Monitoring and Logging

• Continuous Monitoring

• Unauthorized Activity Monitoring

• All-Employee Security Awareness Training

• Secure Development Practices

• Safe Data Disposal Practices

• Change Management Procedures

• Written Information Security Program (WISP)

• Written Annual Report

Postponed Requirements

By my count, that's 18 items. Now here's a list of the requirements the FTC is postponed until June 9th, 2023. A delay of about six months:

• Qualified Individual

• Written Risk Assessment

• Access Controls

• Encryption

• Training for Security Personnel

• Incident Response Plan

• Service Provider Oversight

• Multifactor Authentication

As you can see that leaves the bulk of the requirements still subject to the December 9th enforcement deadline which as I said is now in the past.

Get Started

So what's a dealer to do? The short answer is: get started. Get started on the items that are already required which is to say most of them and get started on the items that need to be completed by June 9th.

The one long lead-time item is overseeing your service providers. That's the one area dealers can't control. If you start right now there's no guarantee you'll be done by June 9th. You can ask your service providers to document their consumer data protection procedures. You can ask them, “pretty please,” but you can't make them do it. If they don't, you need to fire them and find service providers that will. But even that takes time. How do you get started? That would take more than 90 seconds to unpack so just download the white paper from the link below.