Changes to LPL’s Branch Office Security Policy
Recently, LPL has added to their BOSP. They have added a new section regarding the usage of AI and AI powered tools, Section 2.10. They have also updated the language in Section 4.3 regarding Firewalls and Section 4.9 regarding Network and Wireless usage.
A short summary of new Section 2.10: Covered individuals may only use LPL-approved Artificial Intelligence (AI) tools, and personally identifiable information (PII) may only be used within tools specifically approved for handling it. PII, PCI, and internal LPL data cannot be entered into public or consumer AI tools, and Social Security numbers are strictly prohibited from use in any AI system. Service providers must be prohibited from using, storing, or sharing LPL data for training or other purposes, and they must maintain strong governance, risk management, and security programs—including regular audits for fairness, accuracy, and bias, and breach notification within 72 hours.
Section 4.3 has been updated to be more specific about the nature of the Firewalls, the devices that are connecting to the internet, and the configuration of the networks. The update to Section 4.9 adds specific requirements to the configurations of the wireless networks inside you roffices.
GVA and Razor Technology will review these new requirements, and will reach out to any offices covered by GVA Secure Office as needed. As always, please reach out to techsupport@greatvalleyadvisors.com with any GVA technical questions; Razor’s support email address is support@razor-tech.com.
