Privacy and Security Policy
Your privacy is important to us. To better protect your privacy we provide
this notice explaining our online information practices. To
make this notice easy to find, we make it available as a
footer link that will appear on selected ISOnet (SM) pages.
This notice applies to all information collected from you or
submitted to us, when you use this Web site to register for
ISOnet products and services, sign up for additional ISOnet
products, or otherwise communicate with us through
ISOnet@iso.com.
You and your employees may come in contact with confidential and/or
personally identifiable information (such as name, street address,
date of birth, social security number, income/credit history), as
part of your participation with ISO. We recommend that you and your
employees exercise due diligence to maintain the privacy,
confidentiality and security of the personally identifiable
information, as well as other confidential/sensitive information.
Your agreement with ISO and applicable laws may require you to
implement security procedures to ensure the privacy and
confidentiality of certain information. This policy provides
recommendations, best practices and awareness to common, critical
information security issues.
Access Control
Information should only be accessed by authorized individuals who have
a legitimate business purpose and on a need-to-know basis. To assist
you in this area, ISO will issue a unique logon ID and/or password for
individuals who need to access particular information. All requests
for first-time IDs, passwords and access privileges and future changes
to them, must be made in writing with the employee’s full name,
employer’s name, and description of request.
Children
ISOnet does not knowingly solicit data from or market to
children under the age of 13.
Passwords
We recommend that you immediately change your initial password after
we issue it to you to ensure confidentiality and uniqueness.
If you signed a contract with us, please adhere to the password
rotation timeframe specified in the agreement. If your contract does
not specify a password rotation schedule, we recommend that you
adopt a 90 day password rotation procedure.
The following guidelines will help create a secure environment to
protect your password:
- Use passwords that cannot easily be guessed; passwords
that do NOT contain obvious personal information that can be easily
identified (such as a child or spouse’s name or birthday, etc.)
- Passwords should contain a combination of
unpronounceable alpha, numeric and special characters.
- Passwords should be changed if there is suspicion that
someone has gained knowledge of your password.
- Never reveal, share or write down passwords.
Virus Protection
We urge anyone who connects to our systems to install and regularly
(weekly) update anti-virus software.
Disposal of Stored Information
Disposal of personal and confidential information must be done in a
manner that is permanent (e.g., physically cutting magnetic media,
and shredding hard copy documents).
Copyrights and Trademarks
The information obtained from an ISO-sponsored website can not be
changed, sold, copied or licensed for public or commercial use unless
expressed authorized consent is obtained.
Cookies
We may use cookies as a vehicle to customize your area(s) of
interest and provide information that is specific to your needs.
Cookies are small computer files written to the hard drive that
facilitate web navigation and enable us to collect statistics
about your visit to the site.
DISCLAIMER ISO MAKES NO REPRESENTATIONS, COVENANTS OR
WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, WITH RESPECT TO
THIS POLICY, INCLUDING BUT NOT LIMITED TO WARRANTIES OF SUITABILITY,
OR FITNESS FOR A PARTICULAR PURPOSE, OR IN RESPECT OF ANY WARRANTY
ARISING BY STATUTE OR OTHERWISE IN LAW OR FROM A COURSE OF DEALING OR
USAGE OF TRADE. THE INFORMATION INCLUDED IN THE POLICY ARE ONLY
RECOMMENDATIONS, AND ISO MAKES NO WARRANTIES OR REPRESENTATIONS,
EITHER EXPRESS OR IMPLIED, THAT THE POLICY WILL PROVIDE YOU WITH
PRIVACY AND SECURITY MEASURES THAT REFLECT, PREDICT OR RESEMBLE
EXPERIENCE FOR THE ENTIRE INSURANCE INDUSTRY. ISO SHALL HAVE NO
LIABILITY FOR ANY DAMAGES THAT MAY ARISE AS A RESULT OF CUSTOMER
FOLLOWING THIS POLICY. THIS POLICY IS ONLY FOR ADVISORY PURPOSES
AND IS PROVIDED AS IS.
Special Rules for ISO ClaimSearch® Customers
Your employees and authorized users must use the database exclusively
for insurance claims processing and investigation for fraud
detection, prevention and investigation. You may not use the
database for insurance underwriting (including ratemaking, risk
classification, actuarial calculations, and identification of
prospective Licensees or reclassification of Licensees), policy
cancellation or renewal, establishing or stabilizing claims payment
levels, granting of credit or other similar purpose.
Your employees who are involved in the investigation and payment of
claims must be the only persons to receive or use claim reports and
other information from ISO ClaimSearch®. You must notify ISO
immediately of any change in the designation of employees accessing
ISO ClaimSearch.
You must not use any information received from the ISO ClaimSearch®
for consumer credit purposes, consumer insurance underwriting,
employment purposes, or for any other purpose covered by the federal
Fair Credit Reporting Act (15 U.S.C. & 1681 et seq.) or similar
state or local statute, rule, or regulation.
Special Rules for A-PLUS™ Customers
Customers may use A-PLUS™ reports as an aid in evaluating the
underwriting risks involved in pending insurance applications or in
making decisions concerning the issuance, renewal, cancellation, or
termination of insurance policies. You may not use A-PLUS™ reports
for claims administration or for any other purpose. You may
provide copies of A-PLUS™ reports only to authorized persons,
and must use the reports for a permissible purpose as required by
applicable law or regulation including, without limitation, the Fair
Credit Reporting Act (15 U.S.C. & 1681 et seq.).
Special Rules for iiX Customers
iiX Information Reports, products and services are provided solely
for customer's internal use and may not be resold, sublicensed,
delivered or displayed in any way or used by any third party. iiX
information may only be used as a factor in establishing a consumer’s
eligibility for new or continued insurance or employment purposes,
unless further restricted by state law, or as otherwise provided in
your subscription agreement.
Special Rules for ISOPAXSM
All premium audit reports obtained via this service are confidential and
are provided solely for use in connection with the customers insurance
underwriting and rating programs.
|
