DATA SECURITY

In 2009 collection agencies experienced a heightened awareness of security and data loss prevention. Data Security requirements are changing in 2010 as well. CBNA has been proactive in preparing for these changes. We are committed to ensuring that clients and their debtor’s personal information will be handled in a secure manner.

Red Flag Rules compliant. CBNA implemented and strictly enforces a written Identity Theft Prevention Program per FTC (Federal Trade Commission) guidelines.

• PCI (Payment Card Industry Data Security Standard) - CBNA is certified PCI compliant and maintains that standard throughout the company.

• ISO27002 Compliant. ISO27002 is an internationally recognized standard code of practice for information security management. It is the only information security “standard” devoted to information security management guidance in a field generally governed by operational details. CBNA is awaiting ISO 27002 certification. Areas of security addressed:

•  Operational Security
•  Application Security
•  Computing Platform Security
•  Network Security
•  Physical Security

• HIPAA and HITECH Act (2010) CBNA adheres to the compliance issues associated with the Healthcare industry.

• FDCPA & FCRA CBNA adheres to compliance with the Fair Debt Collection Practices Act (FDCPA) and the Fair Credit Reporting Act (FCRA) as well as state equivalent requirements for all states that have enacted such laws.