Home
GotoMy Card
Services
Membership
Online Calculators
Links
News and Information
Lending Center
Mortgage Online
Kids Club
Contact Us

Search

Home > Policies and Disclosures > Privacy Policy  Print View
Intercorp Credit Union Privacy Policy

REFERENCE:

NCUA RULES & REGULATIONS

GUIDELINES FOR SAFEGUARDING MEMBER INFORMATION

APPENDIX A to PART 748

 

 

PURPOSE OF THIS POLICY:

The purpose of this policy is to insure that ICU complies with the existing federal and state laws with respect to the privacy and security of member’s nonpublic personal information.

 

 

GENERAL PROVISIONS:

ICU shall protect the confidentiality, security, and integrity of each member’s nonpublic personal information in accordance with existing state and federal laws.

 

The credit union will maintain physical, electronic, and procedural safeguards that comply with federal standards to guard members’ nonpublic personal information.

 

The credit union will not gather, collect, or maintain any information about its members that is not necessary in order to offer its products and services, to complete member transactions, or for other relevant business purposes.

 

The credit union does not, and will not sell or provide any member information to third parties including list services, telemarketing firms, or outside companies for independent use.

 

All business with which the credit union does business are subject to strict confidentiality requirements.

 

 

INFORMATION SECURITY PROGRAM:

Management of ICU shall be responsible for developing, implementing, and maintaining an effective information security program to:

  1. Insure the security and confidentiality of member records and information
  2. Protect against any anticipated threats or hazards to the security or integrity of such records
  3. Protect against unauthorized access to or use of such records or information that would result in substantial harm or inconvenience any member
  4. Management shall regularly (no less than annually) report to the board on the current status of the credit union’s information security program

 

 

ASSESSMENT OF RISK:

In order to assess the risks that may threaten the security, confidentiality, or integrity of member information or member information systems, the credit union shall:

  1. Identify all reasonably foreseeable internal as well as external threats that can result in unauthorized disclosure, misuse, alteration, or destruction of member information or member information systems
  2. Determine the likelihood as well as potential damage of the internal and external threats
  3. Determine the sufficiency of the credit union’s policies, procedures and member information systems to control the identified risks

 

 

MANAGEMENT AND CONTROL RISK:

In order to manage the control the risks that have been identified, the credit union shall:

  1. Establish written procedures to implement, maintain and enforce the credit union’s information security program
  2. Limit access to the credit union’s member information systems to authorized employees only
  3. Establish controls to prevent employees from providing member information to unauthorized individuals
  4. Limit access at the credit union’s physical locations containing member information, such as buildings, computer facilities, and records storage facilities to authorized individuals only
  5. Implement measures to protect against destruction, loss, or damage of member information due to environmental hazards, such as fire and water damage or technical failures
  6. Monitor, evaluate and adjust as appropriate, the information security program in light of any relevant changes in technology
  7. Ensure that all contracts with service providers contain appropriate provisions requiring the service providers to protect the confidentiality of the credit union member’s nonpublic personal information

 

 

EMPLOYEE TRAINING:

Employees should be trained with regard to their responsibilities under this policy.  In addition, employees should be trained to recognize, respond to, and where appropriate, report any unauthorized or fraudulent attempts to obtain member information.

 

 

NONPUBLIC PERSONAL INFORMATION DEFINITION:

Personally identifiable financial information obtained by providing a financial service or product, which is not available to the general public.  It includes any listing that is derived from such information.  It also includes the fact that a person is a credit union member.

·        ICU will restrict access to nonpublic personal information about our members to employees who need to know that information to provide products, or services, to our members

·        The release of information regarding a member’s account to a third party will be held in strict confidence and will be released to third parties only when authorized by the President

·        Member information will only be released to companies (third parties) that perform marketing or other service on our behalf or to other financial institutions with whom we have joint marketing agreements, or as permitted or required by law

·        ICU will only work with companies that agree to maintain strong confidentiality protections and limits the use of information we provide, they will not be permitted to sell to other third parties the information we provide to them

·        ICU employees and board directors will review the privacy policy annually to ensure compliance


Home |  GotoMy Card
 |  Services |  Membership |  Online Calculators |  Links |  News and Information |  Lending Center |  Mortgage Online |  Kids Club |  Contact Us

Privacy Policy | Funds Availability

The credit union is not responsible for the content or availability of linked sites. Please be advised that the credit union does not represent either the third party or you, the member, if you enter into a transaction. Further, the privacy and security policies of the linked site may differ from those practiced by the credit union.


Copyright 2003 InterCorp CU