There is a lot of confidential information that HOA Boards keep, including personal information such as driver’s license numbers, credit card records, social security numbers, etc. When is the last time you checked to see what type of information you are keeping on HOA members, employees or vendors; and if it is confidential?
Rules pertaining to state and federal court filings in addition to privacy acts have changed over the year, but many documents still contain sensitive information. If your Board has Sensitive Private Information (SPI) on file, today is a good time to decide if you want to protect or discard the data.
Sensitive Personal Information (SPI) is defined as an individual’s name, address, or telephone number combined with any of the following:
- Social security number or taxpayer ID number
- Credit or debit card number
- Financial/salary data
- Driver’s license number
- Date of birth
- Medical or health information protected under HIPAA
- Student related data protected under FERPA
Guideline for electronic storage and disposal of SPI are:
- Do not store SPI on a PDA, laptop computer or desktop computer’s hard drive, USB drive, CD, flash memory card, floppy drive or other storage media.
- Do not store SPI in public files accessible via the Internet.
- Do not download SPI from databases unless legally required or for a standard business practice.
- Do not transmit SPI to external parties via email or the Internet unless the connection is secure or the information encrypted.
- Do not transmit SPI via PDA, laptop or any other wireless technology.
- Shred SPI when it is no longer needed.
- Do not discard SPI in the trash.
- Lock your computer, offices, and desks that contain SPI when unattended
- Password-protect all SPI and accounts with access to SPI guidelines for passwords.
Don’t leave your Board open for a lawsuit. You can protect your members, your Board and yourself by using one of the approved SPI disposal methods listed below.
- Deleting information using methods that prevent retrieval.
- Purging the media to protect the confidentiality of information.
- Destroying the media to prevent its reuse.
Having a sound security plan in place to collect only what you need, keep it safe, and dispose of it securely can help you meet your legal obligations and protect the Board and your HOA members. If you aren’t sure if you’re following the federal guidelines, contact your HOA management company or go to the Federal Trade Commission website to learn about resource that are free for you.
Wise Property Solutions serves condominium and homeowners associations by addressing their financial, association and facilities management needs. The only certified and licensed community association management firm serving the Mountain South (Virginia, North & South Carolina, Tennessee) with offices in the Tri-Cities and Knoxville. Wise Property Solutions provides condo and homeowners association management services in Johnson City, TN; Bristol, TN; Kingsport, TN; Knoxville, TN and the surrounding region.