Skip to content
 

Sources For Privacy Policies

In the past 18 months, the bank and thrift regulatory agencies have given detailed guidance on what institutions should do to protect customer privacy and have specified what policies and procedures should include.

Last year, the Office of Thrift Supervision issued an official statement outlining recommended privacy practices. In that memorandum, OTS outlined the elements that a policy should include. OTS identified key elements for written procedures. These should:

  • inform customers how the bank will use customer information;
  • tell customers how they may limit the bank's use of information about them;
  • safeguard the security of all information about customers; and
  • ensure the accuracy of all information about customers.

    One of the most important principles emerging about privacy is that financial institutions explain their privacy policy to customers before taking any information from the customer.

    OTS has defined specific points that should be included in your privacy notice to the customer. The notice should include and carefully explain:
  • all intended uses of any personal information the bank collects;
  • whether the bank will give or sell information to an affiliated or non-affiliated parties. Be sure the customer understands what an affiliate is;
  • any consequences if the customer does not give the bank the requested or required information; and
  • the methods the bank uses to ensure the confidentiality and accuracy of information.


OTS also recommends that your notices include a phone number, e-mail address, or similar means of contact (appropriate to the situation) that the customer may use to review their information or correct inaccurate information. The customer should also be able to notify the bank of any suspicion that his or her account information has been used without authorization.

Before putting your notice into use, review it carefully. Read it for clarity and completeness. Show it to some trusted friends or family members who are not in banking and get their feedback on whether the notice is complete and understandable.

Copyright © 1999 Compliance Action. Originally appeared in Compliance Action, Vol. 4, No. 13 & 14, 11/99

First published on 11/01/1999

Filed under: 
Compliance
Filed under compliance as: 
Compliance/Compliance Management
Policies
Privacy

Report a problem with this page

Search Topics