Security Requirements and Resources

Access Security Requirements
We must work together to protect the privacy and information of consumers. The following information security measures are designed to reduce unauthorized access to consumer information. It is your responsibility to implement these controls. If you do not understand these requirements or need assistance, it is your responsibility to employ an outside service provider to assist you. Capitalized terms used herein have the meaning given in the Glossary attached hereto. The credit reporting agency reserves the right to make changes to Access Security Requirements without notification. The information provided herewith provides minimum baselines for information security.
> In accessing the credit reporting agency’s services, you agree to follow these security requirements:
FCRA Requirements
Federal Fair Credit Reporting Act (as amended by the Consumer Credit Reporting Reform Act of 1996)
V Although the FCRA primarily regulates the operations of consumer credit reporting agencies, it also affects you as a user of information. We have included a copy of the FCRA with your membership kit. We suggest that you and your employees become familiar with the following sections in particular:
§ 604. Permissible Purposes of Reports
§ 607. Compliance Procedures
§ 615. Requirement on users of consumer reports
§ 616. Civil liability for willful noncompliance
§ 617. Civil liability for negligent noncompliance
§ 619. Obtaining information under false pretenses
§ 621. Administrative Enforcement
§ 623. Responsibilities of Furnishers of Information to Consumer Reporting Agencies
§ 628. Disposal of Records
> Each of these sections is of direct consequence to users who obtain reports on consumers.
We support consumer reporting legislation that will assure fair and equitable treatment for all consumers and users of credit information.
Relevant Sections of the FCRA
V THE FAIR CREDIT REPORTING ACT (FCRA)
V This version of the FCRA has been edited to include only the sections relevant to you as a user of consumer report information, and includes the amendments to the FCRA set forth in the Consumer Credit Reporting Reform Act of 1996 (Public Law 104-208, the Omnibus Consolidated Appropriations Act for Fiscal Year 1997, Title II, Subtitle D, Chapter 1), Section 311 of the Intelligence Authorization for Fiscal Year 1998 (Public Law 105-107), the Consumer Reporting Employment Clarification Act of 1998 (Public Law 105-347), Section 506 of the Gramm-Leach-Bliley Act (Public Law 106-102), Sections 358(g) and 505(c) of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA PATRIOT Act) (Public Law 107-56), and the Fair and Accurate Credit Transactions Act of 2003 (FACT Act) (Public Law 108-159). The provisions added to the FCRA by the FACT Act will become effective at different times. In some cases, the provision includes its own effective date. In other cases, the FACT Act provides that the effective dates be prescribed by the FTC and Federal Reserve Board. See 16 CFR Part 602. (69 Fed. Reg. 6526; February 11, 2004) (69 Fed. Reg. 29061; May 20, 2004).
> § 604. Permissible purposes of consumer reports [15 U.S.C. § 1681b]
> § 607. Compliance procedures [15 U.S.C. § 1681e]
> § 616. Civil liability for willful noncompliance [15 U.S.C. § 1681n]
> § 617. Civil liability for negligent noncompliance [15 U.S.C. § 1681o]
> § 619. Obtaining information under false pretenses [15 U.S.C. § 1681q]
> § 621. Administrative enforcement [15 U.S.C. § 1681s]
> § 623. Responsibilities of furnishers of information to consumer reporting agencies [15 U.S.C. § 1681s-2]
> § 628. Disposal of records [15 U.S.C. §1681w]
NOTICE TO USERS OF CONSUMER REPORTS: OBLIGATIONS OF USERS UNDER THE FCRA
The Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681-1681y, requires that this notice be provided to inform users of consumer reports of their legal obligations. State law may impose additional requirements. The text of the FCRA is set forth in full at the Consumer Financial Protection Bureau's Website at www.consumerfinance.gov/learnmore. At the end of this document is a list of United States Code citations for the FCRA. Other information about user duties is also available at the Bureau's Web site. Users must consult the relevant provisions of the FCRA for details about their obligations under the FCRA.
> I. OBLIGATIONS OF ALL USERS OF CONSUMER REPORTS
> II. OBLIGATIONS OF USERS WHEN CONSUMER REPORTS ARE OBTAINED FOR EMPLOYMENT PURPOSES
> III. OBLIGATIONS WHEN INVESTIGATIVE CONSUMER REPORTS ARE USED
> IV. SPECIAL PROCEDURES FOR EMPLOYEE INVESTIGATIONS
> V. OBLIGATIONS OF USERS OF MEDICAL INFORMATION
> VI. LIABILITY FOR VIOLATIONS OF THE FCRA