Protection of Private Data Policy

Purpose


It is the policy of Whittlesey & Hadley, P.C. to protect personal information, regardless of whose information it might be. Protection of personal information is to prevent the unauthorized acquisition or unauthorized use of unencrypted data, or encrypted data and the confidential password capable of compromising the data’s security, that creates a substantial risk of identity theft or fraud against an individual or individuals.


Scope


This policy applies to all employees of Whittlesey & Hadley whenever, and wherever, they have, hold or are responsible for personal information. The scope of this document includes both electronic and/or written files. It applies to all employees of the Firm.



Personal information must only be used for business purposes. It is expressly forbidden to use, distribute, license or sell personal information for any reason outside of normal business purposes. Personal information may, however, be released for a legitimate, properly documented request of a governmental or regulatory body upon approval of the managing partner of the Firm. Personal information may also be released to a third party for legitimate business purposes under the guidelines of IRS Code Section 7216 upon receipt of a signed consent form by the relevant party.


<