Topic: Privacy
-
We received a request from the Illinois Department of Healthcare and Family Services requesting information about a customer’s deposit accounts. Since the customer also has a safety deposit box with us, should we report that to the DHFS as well?
—
by
Based on the information you have given us, we do not believe that the bank should respond to the Department of Healthcare and Family Services letter requesting information on a customer’s checking accounts. Even confirming that an individual was a customer of the bank would risk violating the customer’s privacy rights, as would providing information…
-
Should our marketing policy require customers to opt-out of our affiliate marketing, or should it require an opt-in?
—
by
There are three different areas of law requiring opt-ins and opt-outs: The Illinois Banking Act requires customers to opt in before institutions can share any financial information. 205 ILCS 5/48.1(c). The federal privacy regulations under the Gramm-Leach-Bliley Act (GLBA) require only that customers can opt out from disclosures of their personal information to non-affiliated third…
-
Our website has a privacy policy, but the mortgage area of our website is run by a third party vendor. Should our privacy policy also appear on the third party’s website?
—
by
First, we must clarify that there are two types of “privacy policies”: The initial and annual notices of your privacy policy required by the federal privacy regulations (under the Gramm-Leach-Bliley Act), which applies to all uses of nonpublic personal information (the “GLBA privacy notice”) A website privacy notice, which applies only to the use of…
-
Does the Gramm-Leach-Bliley Act (GLBA) require that appraisal firms email appraisals only by encrypted email?
—
by
We believe that federal and Illinois privacy requirements would require the encryption of appraisals only if the appraisal document contains “sensitive customer information” or “personal information.” While some appraisal reports may contain customer names and account numbers, others may contain no customer information at all. For example, we spoke to MountainSeed Appraisal Management, an appraisal…
-
If a joint account owner dies, can we provide information about the account to the executor of the estate?
—
by
The bank should be able to provide appropriate account information to the executor for the deceased joint accountholder’s estate, but it must be careful not to violate the privacy rights of the current account owner. The executor should have access to information about the account up until the date of death but would not have…
-
If we receive a subpoena for trust documents, can we provide the requested information without violating any laws?
—
by
In responding to a subpoena, customer privacy is generally not an issue because both federal and Illinois privacy laws allow banks to disclose customer financial records in response to a subpoena. 205 ILCS 5/48.1
-
If we send a promotional mailing on a postcard, would that violate any privacy laws? We are concerned that the postcard would reveal that the consumer is a customer of the bank.
—
by
We agree that the fact that an individual is your customer would constitute nonpublic personal information under the federal privacy regulations. 12 CFR 1016.3(q)(2)(i)(C). While we are not aware of any specific rulings or cases on the use of postcards, we agree that a postcard with any nonpublic personal information is a potential privacy violation.
-
If we are acquiring the assets of another bank, do we need to provide the debit card customers with any new disclosures?
—
by
In general, new account disclosures may be required when the information being disclosed or the account terms differ from those of the predecessor bank. Regulation CC Disclosure Requirements For example, if any of the items required to be disclosed in your funds availability policy differs from the predecessor bank’s policy, we would recommend making new…
-
If we receive a writ of garnishment asking us to report all of a customer’s property, should we list the land trusts for which the customer is beneficiary and trustee?
—
by
In our view, your response to the writ of garnishment should identify the trust’s deposit account, as well as the bank’s loans to the trust, for the reasons described below. The trustee of a land trust holds both legal and equitable title to the property in the trust, and the beneficiary has a personal property…