Privacy Policy and
Access Security Requirements
A Matter of Fact fully recognizes its obligation to support and implement policies that protect the confidential nature of the information we handle and to ensure respect for consumers’ rights to privacy.
Client Obligations
Clients are Required to Sign Agreements That Certify Each of the Following: 1) All information and reports will be requested and used in accordance with the FCRA -- Fair Credit Reporting Act (including disclosure, written authorization, and copy distribution requirements). 2) Information and reports will not be used in violation of any federal or state equal opportunity law or regulation. 3) All information and reports obtained from A Matter Of Fact will be requested and used in accordance with all applicable state and federal laws and regulations (including disclosure, written authorization, and copy distribution requirements). 4) The information requested will only be used for employment purposes and only for the client's own use.
Clients Agree to These Access Requirements:
- Your usernames and passwords must be protected in such a way that this sensitive information is known only to key personnel. Under no circumstances should unauthorized persons have knowledge of your password. The information should not be posted in any manner within your facility.
- Any system access software you may use, whether developed by your company or purchased from a third-party vendor, must have your password "hidden" or embedded so that the password is known only to supervisory personnel. Each user of your system access software must then be assigned unique login passwords.
- Your A Matter of Fact username and password are not to be released by telephone to any unknown caller, even if the caller claims to be an A Matter of Fact employee. A Matter of Fact will never call you for your password.
- The ability to obtain credit information from A Matter of Fact must be restricted to a few key personnel.
- Any terminal devices used to obtain credit information from A Matter of Fact should be placed in a secure location within your facility. Access to the devices should be difficult for unauthorized persons.
- Any devices or systems used to obtain consumer reports should be turned off and locked after normal business hours, or when unattended by your key personnel.
- Hard-copy consumer reports are to be secured within your facility and protected against release or disclosure to unauthorized persons.
- Hard-copy consumer reports are to be shredded when they are no longer needed and when it is permitted to do so by applicable regulations.
A Client Certification Is Required For Each Order:
A Matter of Fact requires that the following certification be made each time a background check is requested: "I certify that this request is made in accordance with FCRA (Fair Credit Reporting Act), Americans with Disabilities Act, and all other applicable state and federal laws and regulations, including written disclosure to the consumer that a background check will be conducted, written authorization from the consumer to conduct the background check, receipt by the consumer of a copy of the report as required by law, and notification to the consumer including the name, address, and phone of the consumer reporting agency conducting the background check and a summary of the consumer’s rights. I certify that 1) all required steps have been taken, and 2) all required steps will be taken. I also certify that the information requested will be used only for employment purposes and only for the employer’s own use."
Employee, Subcontractor,
and Vendor Obligations
A Matter of Fact requires that all employees, subcontractors, and vendors hold Consumer information in strictest confidence, and requires them to take the following precautions to secure any system, device, or data used in the obtaining or processing of Consumer information:
Systems/Devices:- All systems or devices used to obtain or process Consumer or Customer information are placed in secure locations.
- All systems or devices used to obtain or process Consumer or Customer information are turned off and locked after normal business hours, or when unattended by an authorized employee, subcontractor or vendor.
- Access to any systems or devices used to obtain or process Consumer or Customer information is protected by a strong password and a hardware firewall. Such devices are not connected to the local LAN via wireless connections.
- Consumer data is transmitted over the Internet only by an encrypted (SSL or VPN) link or by sending encrypted pdf files.
- Hard-copy consumer reports are secured within the work site and protected against release or disclosure to unauthorized persons.
- Consumer information is shredded and/or deleted from any system or device as soon as the law permits.
- Media (hard drives, floppy disks, DVDs, etc.) that have contained consumer information are destroyed when no longer in use.
Employees, Subcontractors and Vendors:
- Authorization to obtain or process Consumer or Customer information, or to access any system or device used to obtain or process Consumer or Customer information, is restricted to those employees, subcontractors, and vendors with a legal permissible purpose to do so.
- Authorization and access is restricted to these individuals and these individuals alone.
- Usernames and passwords are protected in such a way that they are known only to the individual User and A Matter of Fact administrative personnel when appropriate.
- Under no circumstances are usernames or passwords released to unauthorized persons. This information is not posted in any manner within the work area.
Consumer Precautions
Consumer Requests for Information about their Background Checks:
- Proper identification is required before A Matter of Fact personnel will discuss or provide copies of a Consumer Report to the requesting consumer.
