The following guidelines address situations where a client requests release of unencrypted member information such as monthly reports or statements) via any medium (such as CD-ROM, diskette, plain-text email, printed reports, etc.)
The purpose of these guidelines is to ensure that critical member data is kept safe and secure, and to make sure that credit unions understand the risks inherent in transmitting critical data other than via standard secure methods.
It is CU*Answers’ policy not to send unencrypted member data via common carrier or other unprotected electronic delivery methods.
If the release of such data is requested by the credit union, the CU shall provide indemnification to CU*Answers by returning a signed “RELEASE AND INDEMNIFICATION AGREEMENT.”
This agreement must be completed for each request of this type, detailing exactly what is being requested and signed by an authorized credit union representative.