Privacy Guidance Issued by Regulators

<a href="http://adserve.bankersonline.com/cgi-bin/advertpro/blink.fpl?region=2&slot=1" target="_top"><img src="http://adserve.bankersonline.com/cgi-bin/advertpro/bimg.fpl?region=2&slot=1&keyword=NULL" border="0"></a>


Site Map Our Sponsors Home

Print Friendly!

Email This Article!

<a href="http://adserve.bankersonline.com/cgi-bin/advertpro/blink.fpl?region=34&slot=1" target="_top"><img src="http://adserve.bankersonline.com/cgi-bin/advertpro/bimg.fpl?region=34&slot=1&keyword=NULL" border="0"></a>

Privacy Guidance Issued by Regulators
by Mary Beth Guard

Both the FDIC and the OCC have issued helpful guidance to aid banks in complying with the Gramm-Leach-Bliley privacy rules. Regardless of who your primary federal regulator is, both publications merit your review.

The FDIC's Privacy Handbook does not contain any new information or insights, but it is a well-organized, well-written guide to the privacy rules and its graphical representations of several of the main concepts and requirements are very effective. It would be an excellent tool for familiarizing your Board with the new privacy protections. It contains three sections:

Section One: Overview of privacy rule requirements - provides a concise summary;
Section Two: Get Ready for July 1, 2001 - sets forth four steps to create a comprehensive and effective privacy compliance strategy;
Section Three: Maintaining Compliance Beyond July 1, 2001. FDIC recommends that to maintain compliance beyond the July 1 compliance deadline:

Develop controls to monitor ongoing compliance;
Train employees; and
Audit for compliance.

Section Four: Learn the Lingo - familiarizes readers with the terminology used in the privacy rules.

The OCC's guidance comes in two forms, an advisory letter and a preparedness questionnaire.

AL 2001-2 advocates the following privacy preparedness steps:

Assessing existing information practices by conducting an inventory of information collection, disclosure, and security practices;
Evaluating agreements with nonaffiliated third parties that involve the disclosure of consumer information;
Where necessary, establishing mechanisms to permit and process opt-out elections by consumers;
Developing or revising existing privacy policies to reflect the new regulatory requirements;
Determining how to deliver privacy notices to consumers;
Establishing employee training and compliance programs; and
Developing an implementation plan.

The privacy preparedness questionnaire leads banks through a series of thirteen questions which are designed to act as a self assessment tool. The questions provide an excellent means for a financial institution to focus on the required issues and identify current information practices. Through the questions, institutions can glean information about regulatory expectations. One question, for example, indicates that your privacy policy should be reviewed by the board and senior management, the compliance officer, and legal counsel. Another reminds you of the need to have a process in place to ensure that privacy policies are kept current.

No word on whether, or when, the Federal Reserve Board or the Office of Thrift Supervision might issue further privacy guidance.

Originally appeared in the Oklahoma Bankers Association Compliance Informer.

First published on BankersOnline.com 5/21/01

Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking

BOL Archives Privacy Policy Important Disclaimer Recommend This Site ! Contact Us

BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.