"The important thing when evaluating your options is to scale them to your needs, and remember that it’s not “all or nothing”.
"Improving security and compliance is a path, not a destination. It will never be done because the risks and methods constantly change. Don’t feel like you have to have it all done tomorrow. You don’t. You do need to start, and be educated, however. Security and privacy issues are not going away, ever."
That GLB Privacy Statement however has been hidden on the password protected "Licenses and Certificates" page of my web site. The problem with that practice is that it does NOT comply with GLB's instructions!
- Send the policy immediately any time you get a new consumer order. As soon as you receive an order from a consumer, you must provide the policy. You do not have to make it a mandatory “click through” before accepting an order. You only have to provide it quickly enough after the order that the consumer would be able to opt-out before his or her NPI is shared with anyone. Generally speaking, you should send the notice as soon as the order is received.
To assist NAR appraisers in dealing with privacy issues related to the Gramm-Leach-Bliley Act, a Privacy Statement template was developed. To download the Word Doc. version of this statement click - here.
- Information we receive from you on applications, letters of engagement, forms found on our web site, correspondence, or conversations, such as your name, address, telephone number and social security number.
- Information about your transactions with us, our affiliates or others, including, but not limited to, payment history, parties to transactions and other financial information.
- Information we receive from a consumer reporting agency such as a credit history.
- Financial service providers _________________________ (others as they pertain to your business, such as banks and lending institutions, estate planners, mortgage brokers, tax attorneys, etc.)
- Non-financial companies ______________________ (others as they pertain to your business, such as retailers, direct marketers, etc.)
- We may also disclose nonpublic personal information about you to nonaffiliated third parties as permitted by law. (If you include this provision then you will also need to include another section identifying the types of nonaffiliated third parties to whom you are referring in this provision, See, for example part C(3) of the article on preparing a disclosure form.)
- You may limit information shared about you. If you prefer that we not disclose nonpublic personal information about you to third parties, you may opt out of those disclosures, that is, you may direct us not to make those disclosures (except those permitted by law). If you wish to opt out, check the block below. Please acknowledge that you have read and understand this form with your signature below.