- Specific security protection practices to ensure privacy of information;
- Strict control protocols to limit access to client information;
- Formal procedures and processes to ensure the maintenance of accurate information;
- Procedures and restrictions on disclosure of client account information;
- Standards for client data collection, use, and methods of storage;
- Client data privacy covenants in third-party service and/or business arrangements;
- Staff commitment to support and to protect a client’s right to data privacy; and
- Periodic disclosure to clients of privacy benchmarks and overview of institutional privacy practices.