The Gramm-Leach-Bliley Act governs the collection and disclosure of customers' personal financial information by financial institutions. It requires financial institutions to implement safeguards to protect customer information and outlines rules for disclosing a financial institution's privacy policy. The Act also applies to any company that receives customers' personal financial information, regardless of whether they are a financial institution. It provides enforcement mechanisms and establishes criminal and administrative penalties for violations.