1.    Mortgage Acts and Practices—Privacy Policy and Procedures

1.1.  Purpose

Access Reverse Mortgage Corporation maintains this policy in order to comply with all state and federal privacy laws and regulations.  At a minimum, Access Reverse Mortgage Corporation complies with the following privacy laws in accordance to the Gramm-Leach Bliley Act. Access Reverse Mortgage Corporation is committed to ensuring all customers private and sensitive information is handled, stored, and destroyed in compliance with GLB privacy rule and will provide training to its employees on these requirements on a frequent and regular basis. Customer information is defined as any information about a customer, whether publicly available or not.

1.2.  Scope of Policy

This policy applies to any employee of Access Reverse Mortgage Corporation. Failure to comply may result in immediate termination. Sean Tennant, Chief Compliance Officer, is designated to oversee the implementation of this policy and will work closely with the Chief Compliance Officer of Access Reverse Mortgage Corporation to see that it is followed.

1.3.  Privacy Practices

Access Reverse Mortgage Corporation takes the following privacy actions:

  • Perform reference or background checks before hiring employees who will have access to customer information.
  • New employees are asked to sign a confidentiality and security standards for handling customer information agreement.
  • Limiting access to customer information to employees who have a business reason to see it.
  • The use of laptops, PDAs, cell phones, or other mobile devices that are used for company use will be stored in a secure place when not in use and will be password protected in order to obtain access.
  • Employees are required to use “strong” passwords on any device that may contain Customer Information and are required to change their password on a regular basis.
  • Employees are prohibited from depositing any documents with Customer Information into any type of wastebasket that is not designated for shredding.
  • Employees will be trained to take basic steps to maintain the security, confidentiality, and integrity of customer information, including:
    • Locking rooms and file cabinets where records are kept;
    • Locking any device (computer, laptop, cellphone, etc) that is used for business purposes in the event of stepping away from it;
    • Not sharing or openly posting employee passwords in work areas;
    • Encrypting sensitive customer information when it is transmitted electronically via public networks;
    • Referring calls or other requests for customer information to designated individuals who have been trained in the safeguards of personal data; and
    • Reporting suspicious attempts to obtain customer information to a manger or to Sean Tennant.
  • Terminated employees will have their access to customer information immediately deactivated by changing their passwords and user names to all company information systems, programs and email accounts, as well as taking other appropriate measures.

Access Reverse Mortgage Corporation abides by the following practices to protect their consumers:

  • Access Reverse Mortgage Corporation does not sell Customer Information.
  • Access Reverse Mortgage Corporation does not share Customer Information with any third-party unless it is a business necessity.
  • Access Reverse Mortgage Corporation does not keep Customer Information that is not necessary to accomplish its business goals.
  • Any request from a borrower to any Access Reverse Mortgage Corporation employee, who requests to have their information removed from a call or email list, is immediately removed from said list.

1.4.  Information Systems

Access Reverse Mortgage Corporation provides security throughout the life cycle of customer information, from data entry to data disposal by:

  • Securing transmission of customer information:
    • When transmitting credit card information or other sensitive financial data, a secure connection is used, so that the information is protected in transit.
    • Customers are cautioned against transmitting sensitive data, such as account numbers, via email or in response to an unsolicited email or pop-up message.
    • If sensitive data is sent via email over the Internet, the data is encrypted.

In the event of breach of customer information, Access Reverse Mortgage Corporation will:

  • notify affected customers if their personal information was subject to the breach;
  • notify law enforcement if the breach could involve criminal activity or there is evidence that the breach has resulted in identity theft or related harm;
  • notify the credit bureaus and other businesses that may be affected by the breach.

 

These materials are not from HUD or FHA and were not approved by HUD or a government agency.