Topic: Safeguarding of Member Information
-
FFIEC: Information Security Booklet
Chapters Introduction Security Process Information Security Risk Assessment Information Security Strategy Security Controls Implementation Security Monitoring Security Process Monitoring and Updating Appendix A: Examination Procedures Appendix B: Glossary Appendix C: […]
-
Template for Developing an Information Security Program
Also includes link to List A – Methods to Manage and Control Risk.
-
OCU: Letter CU 6-16 – Unauthorized Access to Personal Member Information (August 8, 2016)
This letter is to inform credit unions of their responsibility to have response programs in place that specify actions to be taken when unauthorized access to personal member information occurs […]
-
0171 FFIEC’s Authentication and Access to Financial Institution Services and Systems Guidance
This release applies to all credit unions, state and federal, that allow members to remotely access Internet-based financial services. It describes federal guidance on the identity authentication procedures that credit […]
-
0155 NCUA Guidelines for Safeguarding Member Information, Responding to Unauthorized Access, and Reporting Cyber Incidents
This release applies to all credit unions, state and federal. It describes the NCUA’s guidance on protecting member information, responding to unauthorized access, promptly reporting “cyber incidents” to the NCUA, […]
-
0149 Disposal of Records
This release describes state and federal law relating to proper disposal of records containing consumer report information or other personal data.
-
Wis. Stats: 134.97(2) Miscellaneous Trade Regulations.
134.97(2) Disposal of records containing personal information. – A financial institution, medical business or tax preparation business may not dispose of a record containing personal information unless the financial institution, […]
-
Wis. Stats: 134.97 Miscellaneous Trade Regulations.
134.97 Disposal of records containing personal information. – (1) Definitions. (2) Disposal of Records Containing Personal Information. (3) Civil Liability; Disposal and Use. (4) Penalties; Disposal […]
-
Wis. Stats: 134.98 Miscellaneous Trade Regulations.
134.98 Notice of unauthorized acquisition of personal information – (1) Definitions. (2) Notice Required. (3) Timing and Manner of Notice; Other Requirements. (3m) Regulated Entities Exempt. […]