Financial institutions have to have their privacy policies in place and the race to meet the far-reaching new regulations is on. Surveys indicate that the majority of institutions do not plan to share consumer non-public information with non-affiliated third parties. But they still need to formulate a privacy policy that reflects their information sharing practices and communicate it in an effective and consistent way to all their customers. In addition to the privacy rules, regulators are adopting security guidelines that require financial institutions to establish an information security program.