| “ACCESS SECURITY
REQUIREMENTS” |
| |
| We must work together to protect the
privacy of consumers. The following measures are designed to reduce
unauthorized access of consumer credit reports. In signing the Metroroommates.com
Subscriber Service Agreement, you agree to follow these measures.
|
| |
| 1. |
You must protect your Metroroommates.com account number and
password so that only key personnel know this sensitive information.
Unauthorized persons should never have knowledge of your password. Do not
post the information in any manner within your facility. |
| |
| 2. |
System access software, whether developed by your
company or purchased from a third party vendor, must have your Metroroommates.com
account number and password “hidden” or embedded and be known only by
supervisory personnel. Assign each user of your system access software a
unique logon password. |
| |
| 3. |
Do not discuss your Metroroommates.com account number and
passwords by telephone with any unknown caller, even if the caller claims
to be an employee of Metroroommates.com. |
| |
| 4. |
Restrict the ability to obtain credit information
to a few key personnel. |
| |
| 5. |
Place all terminal devices used to obtain credit
information in a secure location within your facility. You should secure
these devices so that unauthorized persons cannot easily access them.
|
| |
| 6. |
After normal business hours, be sure to turn off
and lock all devices or systems used to obtain credit information.
|
| |
| 7. |
Secure hard copies and electronic files of consumer
reports within your facility so that unauthorized persons cannot easily
access them. |
| |
| 8. |
Shred or destroy all hard copy consumer reports
when no longer needed. |
| |
| 9. |
Erase or scramble electronic files containing
consumer information when no longer needed and when applicable
regulation(s) permit destruction. |
| |
| 10. |
Make all employees aware that your company can
access credit information only for the permissible purposes listed in the
Permissible Purpose Information section of your membership application.
Your employees may not access their own report or the report of a family
member or friend if your company does not have permissible purpose.
|
| |
| Record Retention: It is
important that you keep credit applications for a reasonable period of
time. This will help to facilitate the Investigative process if a consumer
claims that your company inappropriately accessed their credit report.
(Note: The Federal Equal Credit Opportunity Act states that a creditor
must preserve all written or recorded information connected with an
application for 36 months.) |
| |
| “Under Section 621 (a) (2) (A) of
the FCRA, any person that violates any of the provisions of the FCRA may
be liable for a civil penalty of not more than $2,500 per
violation.” |
| |
| I agree to implement and adhere to
the above controls. |
| |
| __________________________________________ |
__________________________________________ |
|
| |
| __________________________________________ |
__________________________________________ |
| Company Name |
Print
Name/Title | |
| |
| Metroroommates.com Access Security
Requirements 3.2.05.doc |