November 12, 2010 - 1:19pm
#1
I'm wondering how others handle individual information security breaches. I am only referring to breaches that are done by staff accidentally where only one or two members information was breached. For example, if a loan processor accidentally sends out loan documents containing confidential information to another member. Do you have a policy or procedure regarding disciplinary action and what is expected as to the managers response? Any feedback would be appreciated.
Added 11/15/10 - We also have software to detect certain criteria from leaving the CU via e-mail. I'm specifically looking at regular mail - one example would be where a bunch of mortgage documents were mailed to another member.
