Privacy

Question 1

RFPA covers consumer records of:

Answer 1

individuals and partnerships of five or fewer individuals

Question 2

RFPA requires that when a government agency requires a financial institution to assemble or provide records pertaining to a court order, a federal subpoena, or an administrative procedure, it must:

Answer 2

reimburse the institution for any reasonably necessary costs that were directly incurred in the production of the records

Question 3

Reimbursement for government request record production include total amounts of personnel direct time in:

Answer 3

locating, retrieving, reproducing, packaging, and preparing for shipment

Question 4

Reimbursement for government request record production will only be made for direct costs actually incurred for work that:

Answer 4

was reasonably necessary

Question 5

T or F

Specific costs for expert and legal advice are not reimbursable under RFPA

Answer 5

TRUE

Question 6

An institution may not release the government requested financial records until the government authority seeking the records:

Answer 6

certifies in writing to the financial institution that it has complied with the applicable provisions of the statute

Question 7

Who is the definition of a consumer or customer different in Reg P?

Answer 7

customers are those that you have an established business relationship with

Question 8

Banks cannot disclose non-public personal information about consumers to non-affiliated third parties unless:

Answer 8

the customer is allowed to opt out of the sharing and has not opted out

Question 9

The Privacy Notice must be provided when:

Answer 9

the relationship is established and annually if there have been changes

Question 10

What are the three sharing exceptions for Reg P?

Answer 10

* marketing

* processing and servicing

* miscellaneous (regulators, courts, required by law, etc.)

Question 11

What are the areas required by COPPA?

Answer 11

* parental notice and consent

* confidentiality and security of children’s personal information

Question 12

Bank must have a written security program with internal controls, monitoring, and reporting to the board that include:

Answer 12

* risk assessments

* safeguards

* training

* reporting

Question 13

Once a personal phone number is registered with the FTC you cannot call the number for marketing purposes unless:

Answer 13

* you have a business relationship within the last 18 months OR

* the consumer has expressly consented

Question 14

Banks are required to check the do not call list at least:

Answer 14

every 3 months for additions or changes

Question 15

If a consumer specifically asks the company in which they have a relationship with to stop solicitations then:

Answer 15

the bank must place the customers name on their internal do not call list and stop making marketing calls

Question 16

CANSPAM applies to:

Answer 16

commercial electronic mail messages whose primary purpose is to sell a product or service

Question 17

CANSPAM requires that unsolicited messages to meet what standards?

Answer 17

* no false or misleading information

* must contain a means to reply for opting out of future messages

Question 18

FCRA requires that ID Theft programs:

Answer 18

establish a program that will identify, detect, and respond to ID Theft risks

Question 19

If there is a breach in health information the customer must be notified:

Answer 19

within 60 days