The amendment to the Safeguards Rule will go into effect in April, requiring non-banking financial institutions to report security incidents involving the information of at least 500 customers to the FTC.