GLBA - Gramm-Leach Bliley Act for Payday lenders
Who is exempt from privacy protection rules?
1. Law enforcement agencies. 2. Insurance institutions investigating fraud. 3. Financial institutions testing security procedures and various others. The main thing to note is we are NOT exempt.
What about employee training?
All employees must be trained to ensure compliance with safeguard rules.
How often does the customer receive a privacy notice?
An individual with a continuing relationship with a financial institution will receive a Privacy Notice each year as long as relationship exists
Is ALL The customer information protected?
Any in. formation that is publically available is not included. But what is included is Name and Address, Social Security Numbers and Account numbers of banks, debit cards, etc
Who is responsible for insuring the safeguard rule if followed?
At least one person must be in charge of monitoring and coordinating the security policy usually the compliance officer. But each store manager must be aware of the necessity for consumer privacy and ensure all consumer information is filed and stored properly at all times.
What is the Safeguard rule?
Companies must have a policy in place that protects personal info of their customers including security breaches. 1. Insure security and confidentiality of customer records and info 2. Protect against any anticipated threats or hazards to security or integrity of such records 3. Protect against unauthorized access to or use of such records or info which could result in substantial harm or inconvenience to any customer
What about our computers?
Computer and filing systems must be tested to confirm that all records are safe w/ policies established to prevent security breaches
Safeguard rule
Confirm and maintain safeguard rules w/ all service providers
Where is our Privacy Notice located?
It is part of the initial application and must be signed and put in the customer's file.
What is the Purpose of GLBA?
Prevents us from sharing personal information on a consumer without express permission and requires us to disclose any privacy policies we have.
Which part of the act governs us?
Regulation P
What about debit card information?
Safeguarding of customers debit card information is done by Repay, our third party vendor. However, under no circumstances should a customer's debit card be written on a piece of paper or stored in the customer file.
What about text messaging?
Solutions by Text is our third party provider of text messages. All text messages must be approved for sending by the customer and must offer an opt-out feature with every text. SBT handles this for us, and that's why we verify the number with the customer upon application and periodically update numbers. All customers sign our Text Messaging Policy page, a copy of which is in everyone's file.
How do we check our risk assessment?
We are protected by password security to our computers, the safeguards our software company eCash puts into place, that annual audits conducted by Solutions by Text on our text messages, the security systems of Repay and the fact we keep all files in cabinets behind locked doors that are not ever available to the public. In addition we offer opt out options on marketing and texts.
Other than the information on the customer application, in what other areas do we need to be aware of privacy protection?
When collecting, we are prohibited from obtaining customer information by false pretenses -- whether through an institution, workplace or another person. We must always represent ourselves as Cash Money or Check Plus when calling and/or texting.
