Welcome to your one-stop access to
The Federal Fair Credit Reporting Act and a number of similar state laws restrict access to consumer credit information. You must have a permissible purpose to order a consumer report. In general, except for Vermont, you may access consumer credit information when a consumer applies to you for credit or insurance to be used primarily for personal, family or household purposes or the collection of a credit account of a consumer. You may also access consumer credit information for employment purposes, provided you comply with certain additional requirements. Additionally, consumer credit information may be used for tenant screening.
Access to the Death Master File as issued by the Social Security Administration requires an entity to have a legitimate fraud prevention interest or a legitimate business purpose pursuant to a law, governmental rule regulation, or fiduciary duty, as such business purposes are interpreted under 15 C.F.R. §1110.102(a)(1).
The National Technical Information Service has issued the Interim Final Rule for temporary certification permitting access to the Death Master File ("DMF"). Pursuant to Section 203 of the Bipartisan Budget Act of 2013 and 15 C.F.R. § 1110.102, access to the DMF is restricted to only those entities that have a legitimate fraud prevention interest or a legitimate business purpose pursuant to a law, governmental rule regulation, or fiduciary duty, as such business purposes are interpreted under 15 C.F.R. § 1110.102(a)(1). As many Experian services contain information from the DMF, your use of deceased flags or other indicia within the Experian services must be restricted to legitimate fraud prevention or business purposes in compliance with applicable laws, rules and regulations and consistent with your applicable Fair Credit Reporting Act (15 U.S.C. §1681 et seq.) or Gramm-LeachBliley Act (15 U.S.C. § 6801 et seq.) use. You shall not take any adverse action against any consumer without further investigation to verify the information from the deceased flags or other indicia within the Experian services.
You shall implement and maintain a comprehensive information security program written in one or more readily accessible parts and that contains administrative, technical, and physical safeguards that are appropriate to your entity's size and complexity, the nature and scope of its activities, and the sensitivity of the information provided to you by Equifax; and that such safeguards shall include the elements set forth in 16 C.F.R. § 314.4 and shall be reasonably designed to (i) insure the security and confidentiality of the information provided by Equifax, (ii) protect against any anticipated threats or hazards to the security or integrity of such information, and (iii) protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any consumer.
The following information security controls are required to reduce unauthorized access to consumer information. It is your (company provided access to Experian systems or data through EIS referred to as the "Company") responsibility to implement these controls. If you do not understand these requirements or need assistance, it is your responsibility to get an outside service provider to assist you. EIS reserves the right to make changes to these Access Security Requirements without prior notification. The information provided herewith provides minimum baselines for information security.
In accessing EIS's services, Company agrees to follow these Experian security requirements. These requirements are applicable to all systems and devices used to access, transmit, process, or store Experian data.
The Federal Equal Credit Opportunity Act states that a creditor must preserve all written or recorded information connected with an application for 25 months. In keeping with the ECOA, Experian requires that you retain the credit application and, if applicable, a purchase agreement for a period of not less than 25 months. When conducting an investigation, particularly following a consumer complaint that your company impermissibly accessed their credit report, Experian will contact you and will request a copy of the original application signed by the consumer or, if applicable, a copy of the sales contract.
"Under Section 621 (a) (2) (A) of the FCRA, any person that violates any of the provisions of the FCRA may be liable for a civil penalty of not more than $3,500 per violation."
|Acceptance of this document is required to complete the login process. Are you sure you would like to decline it?|