Fair Credit Reporting: III. CUSTOMER NOTICE
Financial institutions have an affirmative duty to protect their customers’ information against unauthorized access or use. Notifying customers of a security incident involving the unauthorized access or use of the customer’s information in accordance with the standard set forth below is a key part of that duty. Timely notification of customers is important to manage an institution’s reputation risk.