07/10/2006
We are in the process of developing a more comprehensive IT/Information Security policy for our growing institution. What recommendations can you make regarding content that will ensure compliance with regulations? Are you aware of any sample policies that meet regulatory criteria that we can refer to for guidance? We are most interested in sucessful ways of incorporating GLBA requirements.
12/05/2005
Is there an annual IT certification the board must make for Graham Leach Bliley compliance?
12/01/2005
The agencies have published new examination procedures for FCRA and the FACT Act.
12/01/2005
To assist institutions in their efforts to design and manage effective information security programs, the agencies have issued guidance especially designed for small entities, which appears to be a
08/15/2005
Our organization uses a vendor to service our mortgage loans. The vendor emails trial balance data, (loan numbers, names, balances, etc.) to us. The emails are password protected. Is this sufficient under GLBA or must the emails be encrypted?
06/21/2004
What law or regulation addresses a bank employee giving out information on banking information to an outside party that has no tie to the account?
10/20/2003
What recourse does a customer have when a bank employee gives out a SS# and loan information without the customer's permission?
10/06/2003
Our bank is fielding some questions regarding "privacy" issues and whether the bank is able to give payoff amounts verbally, such as to the car dealerships where the customer is negotiating a deal. We have had a couple of attorneys call our bank complaining that we gave out payoff information without their consent.
08/04/2003
As it relates to IT examinations, what are the top "hot buttons" for regulators?
03/17/2003
We are in the process of developing a more comprehensive IT/Information Security policy for our growing institution. What recommendations can you make regarding content that will insure compliance with regulators? Are you aware of any sample policies that meet regulatory criteria that we can refer to for guidance? We are most interested in sucessful ways of incorporating GLBA requirements.