|
Security Measures
Protecting the Privacy of Member's Information
Privacy of Credit Union Member's
Information
Share One, Inc. considers and contracts with our Credit
Union customers to maintain the privacy of all member account
information. Member information cannot be released to
any third party unless the Credit Union directs Share One,
Inc.
Under NCUA Rule 716, Share One, Inc. as the credit union's
data processing provider is EXEMPT from the Opt Out clause in
the rule. The following excerpt from NCUA Letter to
Credit Unions 01-CU-02 issued in February 2001 outlines
this exception:
Exceptions
to the opt out right include a credit union's disclosure
of nonpublic personal information:
- To
a nonaffiliated third party for performing services
for the credit union or functions on its behalf,
such as outsourcing marketing of the credit union's
products to an advertising company, or using a
mailing house to send out marketing information
about the credit union's products and services to
the credit union's members;
- In
a joint marketing agreement with a non affiliated
third party financial institution to jointly offer,
endorse, or sponsor a financial product or service
provided the credit union has disclosed the
financial institution's general lines of business in
its privacy notice;
- As
necessary to effect, administer, or enforce a
transaction that a consumer requests or
authorizes. Examples of third parties which
may fall under this exception include: check
printers, mortgage servicers, collection agencies, data
processors, collateral protection insurance, and
statement mailers; and
- For
specified other disclosures, such as to protect
against or prevent actual or potential fraud; to the
credit union's attorneys, accountants, and auditors;
to and from consumer reporting agencies; or to
comply with applicable legal requirements, such as
the disclosure of information to regulators or the
securitization of a credit union's mortgage
portfolio.
|
Back to TOP
Safeguarding Member Information
Share One, Inc. works to safeguard all member
information, employing the following methods:
- Restricts access to member information of any kind to Share One
employees working directly with the credit union to
resolve a specific problem, provide a service to the
member, or to fulfill a request from the credit union
including beta testing of new services.
- Any member information stored of Share One's systems is
protected using a variety of security methods, such as
multi-level passwords, intrusion detection, firewalls, or
secure socket encryption.
- Share One provides no access to member information by
any 3rd party except via standard services such as credit
bureau reporting, statement/microfiche processing, share
or loan insurance premium postings which are also exceptions
to Rule 716's opt out clause. Again, such access is
provided only at the expressed direction of the Credit
Union.
- Any member information collected by Share One while
working with the credit union to provide a service or
resolve a problem must be destroyed via data
purge/deletion functions or paper shredding. Data
Files stored in Share One facilities must be safeguarded
using fireproof safe and restricted access to storage
location. share One does not maintain data files not
necessary to the provision of Share One products and
services.
- Share One restricts access by employees who are not
directly working with the Credit Unions (administrative,
clerical staff) to credit union member information.
Share One encourages our Credit Union customers to consider
the following in securing member information:
- Use all system provided security features to limit
access to member account information.
- Restrict the viewing and printing of member information
that includes: account number, name, address, birth
date and most critically the social security number.
- Where possible deliver data files containing member information
using a secure format such as zipped or encrypted file.
- Limit collection of sensitive member information (name,
address, birth date and most critically the social
security number) when that information is already
available to the Credit Union. For example, do not
require the entry of the member's social security number
in the Credit Union's Website based loan
application. The credit union can retrieve this
information from existing records.
- Use only summary level data (no specific account detail)
or a "data scramble" utility when collecting
demographic information for marketing purposes.
Back to TOP
|
|
|
Our New System...
| NewSolutions
is a model of excellence in member transaction processing
systems for Credit Unions. |
|
|
|
|
|
|
 |
|
|
