agent Entrepreneur logo
MenuMENU
SearchSEARCH

The Shoulder Bone Is Connected to the Back Bone

February 28, 2017
The Shoulder Bone Is Connected to the Back Bone

The Shoulder Bone Is Connected to the Back Bone

3 min to read


Many of you may be familiar with the children’s sing-along song called “Dem Bones” or “Dry Bones.” Most verses recite the connection between the bones: “Shoulder bone connected to the back bone, back bone connected to the hip bone,” and so on.


You may be wondering what, exactly, this has to do with you. Well, any agent who has an interest in keeping their dealers off the federal regulatory radar needs to understand the security measures those agencies are demanding and how to meet them.

Ad Loading...


Assembling the Skeleton


Well, the “back bone” of every dealership is the dealer management system (DMS). Connected to that “back bone” are lots of other “bones” such as the business development system (BDS), a customer relationship manager (CRM), menu sales tools, iPads, smartphones, laptops and other devices.


Contained in the DMS are pieces of nonpublic personal information (NPI) pertaining to clients and potential clients which can be part of this digitally interconnected skeleton. One variety of this digital interconnectivity is referred to as peer-to-peer (P2P) file-sharing technology.


The federal Safeguards Rule requires, among other things, that dealers have a written security plan that contains administrative, technical and physical safeguards of customer’s information. Customer’s information includes NPI, which includes information a customer provides to the dealer to obtain a financial product or service.


Think about your typical dealer client. How many points of access to the customer NPI in the DMS back bone are there? If a salesperson pulls up their CRM to call Charlie Customer, does he have access to the DMS with Charlie’s credit score, credit application, date of birth, driver’s license number and other pieces of NPI? Can the salesperson access the DMS from his or her laptop while offsite?


Aside from the “front of the house” type of issue of controlling digital interconnectivity, have you reviewed your dealers’ agreements with their finance sources lately? As you may be aware, as far as the CFPB is concerned, the dealership is what is called a “service provider” for Mr. Big Bank. That means that the bank can be held liable for any improper act that is committed by one of its dealers.

Ad Loading...


As a consequence, almost all dealer/finance source contracts have some pretty scary indemnity/chargeback language incorporating compliance addendums or similar language. What this means, as a practical matter, is that failure to secure NPI in the DMS “back bone” could not only create liability for any injuries that the customer may suffer and reputational risk for the dealer, but could seriously jeopardize the dealer’s financing source.


Case Study


Franklin Budget Car Sales of Statesboro, Ga., used a computer network to conduct business and collect customer information and data, including such items as online credit applications, outside lead information, customer automobile and payment records, and finance and insurance records.


Franklin also, unfortunately, had P2P software installed on a computer connected to its network. As a result, the NPI of 95,000 customers was made available on the P2P network. Anyone operating a computer containing compatible P2P software would have access to view or download any files shared on the P2P network.


The FTC found this practice to be a violation of the Safeguards Rule. No financial penalty was assessed; however, Franklin was required to completely overhaul its information security program and report to the FTC for a period of 20 years. Keep in mind that there was no allegation that any of the 95,000 affected customers’ NPI was actually used to the detriment of the customers, just that it was available on the P2P network.


So what is the takeaway here? Well, while the back bone may be connected to the hip bone, you should take appropriate steps to make sure that the NPI on your dealers’ DMS is properly secured, that their computer network (and all devices with access to their computer network) contain no P2P software, and that they maintain adequate “administrative, technical and physical safeguards” to protect the security, confidentiality and integrity of personal information collected from or about customers.

Topics:Industry
Subscribe to Our Newsletter

More Industry

Foreign Cars Italia dealership store in front of sunset
Industryby Hannah MitchellJuly 2, 2026

Luxe N.C. Dealerships Change Hands

A collection of Italian and English brand franchises were handed off to the owner’s friend in the business and include the Carolinas’ only Ferrari retail stores.

Read More →
inside of car, person with hands on black steering wheel
Industryby Lauren LawrenceJuly 2, 2026

Exposure Drives Interest in Chinese Cars

At a recent demonstration, consumers had the chance to ride in a Chinese-branded vehicle, a firsthand experience that improved their perceptions and purchase intent.

Read More →
Woman's hands holding an wallet empty of cash
Industryby Hannah MitchellJuly 1, 2026

Automotive Consumers Sink Further in Debt

Most financing metrics hit records in the second quarter as more buyers locked themselves into long terms and high monthly payments.

Read More →
Ad Loading...
Rob Mancuso sitting in a chair on stage
Industryby Hannah MitchellJuly 1, 2026

Agent Advocate

Rob Mancuso, who comes from a long line of auto dealers, values general agents’ place in the industry and makes a case for them taking an even bigger seat at the table.

Read More →
Photo of a touchscreen on a car's dashboard
Industryby Hannah MitchellJune 25, 2026

Driving Under Distraction

Though consumers gave higher marks to new vehicles in JD Power’s most recent initial-quality poll, high-tech interference worsened, pointing to craving for simplicity.

Read More →
split background green and blue. 2019 to 2025 with car going from starting location to end point. $37,310 and $48,402. Agent Entrepreneur logo
Industryby Lauren LawrenceJune 25, 2026

Affordable New Cars a Thing of the Past

More than one out of five new vehicles sell for more than $60,000, according to Edmunds. That's up 7% compared to prepandemic 2019.

Read More →
Ad Loading...
Photo of multiple new SUVs on a car dealership lot
Industryby Hannah MitchellJune 22, 2026

State Follows Federal Warning on Auto Ads

The Massachusetts attorney general cautioned the state’s automotive dealers to be upfront with the consuming public about their vehicle prices or risk punishment.

Read More →
Gas pumps.
Industryby Lauren LawrenceJune 15, 2026

Consumer Outlook on the Rise

Younger generations are feeling more positive about their financial futures and current affordability pressures than older generations, according to recent TransUnion data.

Read More →
Group photo of men outside storefront.
Industryby Hannah MitchellMay 28, 2026

Pennsylvania Dealership Under New Retailers

The sale of the Chrysler Dodge Jeep Ram store puts a family auto group on a leaner path as first-time dealers take the helm.

Read More →
Ad Loading...
Hallway with lockered wiring and computer
Industryby Lauren LawrenceMay 28, 2026

Battery Storage Takes Priority Over EVs

U.S. automakers are prioritizing battery energy stationary storage over electric-vehicle production as the consumer demand for EVs lags the rest of the world.

Read More →
Ad Loading...