Office Security and the Privacy Act and your Identity Theft Prevention Program……..what to do?

Nelson A. Locke, Esq. Compliance

imagesTDJ4NQ6E

The Financial Services Modernization Act (1999) (“Gramm Leach Bliley”) has two main components that all brokers and lenders should be aware of.

The Financial Privacy Rule regulates collection and disclosure of non-public personal information (“NPI”). The Safeguards Rule regulates the protection of such NPI when it is in your possession.

Lately I have been taking quite a few questions from clients and that leads me to conclude that many brokers and lenders are concerned about the security of data in their office. Good for you!

Thus, this blog post is going to address the Safeguards Rule as it relates to Office Security.

Here is the general idea. All NPI must be protected at all times. This means:

When working at your desk, only have the NPI relevant to the exact files you are actively working on. All other NPI should be off the desk top in a safe drawer.

When you go to lunch, you should lock your office door. If you don’t have an office door to your specific work area then put the  NPI in a file cabinet or desk that locks.

When you go home at night nothing  should be left on desk tops or in shredding boxes (waiting to be shredded) – especially if your office has a cleaning crew.

IF there is a window between your reception area and your work area (think medical office layout) the window must be lockable  or have some sort of protective screen installed.

If you have a door to your production area, it should have an automatic closer on it, and a keypad for employee use for access.

Computers should not be left on at night unless they are password protected.

IF you store files electronically (instead of keeping paper copies) they should be stored on a server locked in a closet or computer room and NOT connected to the internet in any way. Access to that computer must be limited and password protected.

IF you have a staging area for documents to be shredded it must be a locking box.

I hope this helps. The idea is clear.

We have openings for new clients right now. If you want to work with a Compliance Service that is managed by a 26 year Mortgage Banker Veteran and Attorney, call us at 800-656-4584. You won’t believe the value here. We don’t just sell you books and disappear. We are your compliance partner for a full year.

Leave a comment