State Farm ISA Training Test Answered 100% Correct

Information Security and Privacy Policies - ANSWER-Establish expectations and standards for protecting information based on customer, business, market, regulatory, and technology drivers Privacy Policy - ANSWER-Intended to support compliance with State Farm privacy notices and to educate employees, management, Business Area Privacy Representatives, and agents on the requirements of privacy compliance Notice of Privacy Policy - ANSWER-Communicates how we protect, collect, use, and share customer information State Farm Privacy Principles - ANSWER-- We do not sell customer information - We do not allow those who are doing business on our behalf to use our customer information for their own marketing purposes - We contractually require any person or organization provided products or services on our behalf to protect customer information - We do not share customer medial information within SF family of companies unless you authorize it, its permitted/required by law, or your insurance company policy with us permits us to do so - We may share customer information and permit others to use that info if you give us your consent, it is necessary to complete a transaction you request, or otherwise permitted by law - We handle info about former and prospective customers the same as existing If a customer selects Do Not Share - ANSWER-- We will not share certain types of personal information such as marital status and occupation between affiliates. - DNS data fields will not pre-populate within applications and quotes. Never appropriate to change a customer's preference for convenience of completing applications PI (Personal Information) - ANSWER-Info about an individual (36 year old female) - Tier 3 Info PII (Personally Identifiable Information) - ANSWER-Personal information about an identified individual (Mary Smith, living at 181 Main Street) - Tier 2 info NPI (Nonpublic Personal Information) - ANSWER-Any personally identifiable information; - Provided by a customer or consumer to a financial institution (SF) - Resulting from any transaction with a customer or consumer or any service performed for the customer or consumer - Otherwise obtained by the financial institution about the customer or consumer (Mary Smith providing her personal information to State Farm) - Tier 2 info SPI (Sensitive Personal Information) - ANSWER-(Mary Smith's SF Bank credit card number) - Tier 1 Info PHI (Protected Health Information) - ANSWER-- Tier 1 Info BPI (Business Protected Information) - ANSWER-- Tier 2 info PCI (Payment Card Industry) - ANSWER-- Tier 1 Info EBPI (Elevated Business Protected Information) - ANSWER-- Tier 1 Info Terminating System Access - ANSWER-When an agent team member is no longer employed by the agent, the team member ID need to be removed to prevent security vulnerabilities - Agents should submit a request to terminate system access using the Terminate Team Member System Access Form - Obtain any office keys from the team member or change office entry security codes PCI Data Security Standard - ANSWER-Failure to comply may be considered violation of state law and also breach of contract that could result in card brands electing to revoke the ability of SF to accept credit/debit payments. All data must be treated in consistent manner with EISP policies PCI Security Standards - ANSWER-- Never enter credit/debit card data in email, IM, or text - Never electronically copy and paste card data - Carefully inspect all paper copies prior to scanning to make sure card data has been masked or made unreadable - Card data should never be written down or saved for later use - Data should never be transferred to portable electronic storage media - Data should only be entered in designate fields within authorized applications and never entered into free-form text fields - Never store card data outside approved systems - When handling/finding card data, only display the last four digits if it must be referenced, do not mask using highlighter, do not type letters over the data as it does not cover - When handling data in paper format, use perm black marker to strike through all but the last four digits of the primary account number and destroy info by using a micro-cut shredder or placing in a locked recycle bin