ALEXANDRIA, Va. (8/27/15)--Recently updated examination procedures from the National Credit Union Administration are intended to strengthen safeguards for data received electronically during an examination.
The NCUA defines “sensitive data” as: information which by itself, or in combination with other information, could be used to cause harm to a credit union, credit union member or any other party external to the NCUA; and any information concerning a person or their account which is not public information, including any non-public personally identifiable information.
“In order to ensure sensitive electronic credit union and member data is well protected, the data held by NCUA needs to be encrypted,” reads the letter, signed by Larry Fazio, director of the NCUA’s Office of Examination and Insurance. “The process of exchanging this data between credit unions and examiners also needs to be secure and well controlled.”
Effective immediately, NCUA examiners may only accept sensitive data electronically through:
“The above protocols reflect the initial steps NCUA is taking to strengthen the safeguards for sensitive data received electronically from a credit union during an examination,” the letter reads. “NCUA is in the process of acquiring a secure file transfer solution (such as an online portal) to facilitate examiner staff and credit unions securely and efficiently exchanging information.”
Fazio added that agency aims to have such a solution in place early in 2016.