In IT Management, Network Security, Technology Audit

PII Regulations for Foreclosure and Bankruptcy AttorneysCourtesy of a rapid acceleration in Personally Identifiable Information (PII) regulations, banks are cracking down on their legal partners. The ensuing chaos has foreclosure and bankruptcy firms around the country scrambling to bring their IT up to snuff in order to prevent losing valuable relationships with the banks that send them business. Our clients are feeling this pain too.

Here are just 10 regulations we’ve seen from various bank lenders that could cost you big:

  1. If you’re running free-ware antivirus, kiss just about any lender goodbye; if you’re paying for anti-virus it needs to be up to date if/when your firm is audited
  2. You need to provide training for your employees on your company’s privacy policy
  3. You need a written anti-fraud policy, including procedures that address fraud risk
  4. Firm cannot engage in business transactions with parties prohibited by OFAC (Office of Foreign Assets Control)
  5. Your physical office space as well as your computing assets need to be locked and, in some cases, alarmed (your actual office, desk drawers, desktops, file cabinets, etc.)
  6. All hard drives and removable media need encryption
  7. You can’t have default vendor passwords, and some lenders require ‘strong-passwords’
  8. Strict no-use policy regarding peer-to-peer file sharing services (i.e., Limewire, Gnutella, etc.)
  9. Some financial institutions prohibit web-based backup services, and most if not all require encrypted back up and/or offsite storage
  10. Some lenders have indicated that they strongly discourage social networking sites

Keep in mind that each financial institution is different and there is no uniform guidebook across all lenders. Firms need to get in front of these problems as early as possible so don’t wait until you’re audited.  Ask your lenders for their IT regulations checklists, call your Managed Services Provider / Internal IT Dept., and begin the compliance process now. You don’t want your lenders to stop sending business because you didn’t know having ‘password’ as your password violates their PII regulations.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.