Direct Deposit Agreement
Page
National Direct Deposit Initiative
SAMPLE AGREEMENT BETWEEN SSA AND BANKS
THIS AGREEMENT is made as of (DATE), by and between (BANK), including its subsidiary and affiliated companies, (BANK’S ADDRESS), (“Bank”) and the Social Security Administration (“SSA”).
WHEREAS, the parties desire to combine efforts to encourage the use of direct deposit by recipients of SSA benefits by sending out a joint mailing including a personalized pre-encoded direct deposit request form; and
WHEREAS, in order to identify those Bank customers who are receiving Title II Social Security benefits by checks rather than by direct deposit, SSA needs certain information from the Bank; and
WHEREAS, each party recognizes that its information is non-public and confidential, the parties desire to set forth their agreement to treat such information as confidential and proprietary in accordance with the terms and conditions hereof.
NOW, THEREFORE, in consideration of the mutual promises, covenants, and agreements made and contained herein, and intending to be legally bound hereby, the parties agree as follows:
1. Program: The operational details of this program are set forth in the attached Exhibit A, which is incorporated by reference and is a part of this Agreement. Bank agrees to provide SSA with only the customers’ names and customers’ social security numbers from that portion of its customer base necessary to fulfill the needs of this joint direct deposit effort. In addition, SSA agrees to provide Bank with information as to which Bank customers identified on the provided list are receiving Title II Social Security benefits but not through direct deposit. Both SSA and Bank consider the information to be Confidential Information, as defined below. SSA agrees to use such information only for the permitted use stated herein. SSA agrees that it will not require that a Bank customer receive his/her benefits through direct deposit through Bank as a prerequisite to receiving the benefit. Bank and SSA will agree on all marketing materials sent to Bank customers under this Agreement. Bank customers will be instructed to visit a financial office of their choice if they wish to receive direct deposit of Social Security benefits in an account other than the account referenced in the mailing.
2. Definition of Confidential Information: Whether written in machine readable form, or disclosed orally or visually to the recipient, “Confidential Information” shall mean information concerning a party’s business (including that of all subsidiaries and affiliates) including without limitation, customer and beneficiary lists and other customer data, business volumes or usage, financial information, pricing information, information related to mergers or acquisitions, software, software documentation, plans or business strategy, presentations, proposals, technical and non-technical information including patent, copyright, trade secret, and proprietary information, techniques, sketches, drawings, models, inventions, know-how, processes, apparatus, equipment, algorithms, formulae, and all information related to the party’s current, future, and proposed products and services.
3. Ownership: All Confidential Information disclosed by either party to the other party shall be and remain the property of the disclosing party. Bank and SSA agree that the electronic files exchanged by the parties under this Agreement will remain the property of the disclosing party and will be destroyed in a manner mutually agreed to by Bank and SSA or returned after the direct deposit related activities described in this Agreement are completed, but not more than 6 months after receipt of the electronic files.
4. Permitted Use: Bank and SSA agree that the Confidential Information supplied by each party will be accessed and used only for the purposes of completing the direct deposit related activities covered by this Agreement and that the Confidential Information provided by each party will not be used to extract information concerning individuals therein for any purpose not specified in this Agreement. The recipient shall limit its use of the disclosing party’s Confidential Information to the sole specific purpose of matching the information against its files to determine the identity of Bank customers who are recipients of Title II Social Security benefits and who are not receiving their benefits by direct deposit and, subsequently, encouraging those customers so identified to use direct deposit to receive their Social Security benefits. Each party shall not use any Confidential Information of the other party for its own benefit or for any purpose other than those specifically provided in this Agreement, or as otherwise required by law.
5. Confidentiality Obligations and Redisclosure Restrictions
Bank Confidentiality Obligation and Redisclosure Restrictions: Bank shall hold all Confidential Information of the SSA in the strictest confidence. Bank shall use the same degree of care to avoid disclosure or use of SSA’s Confidential Information which it employs with respect to its own proprietary or confidential information which it does not wish to have disseminated, published, or disclosed. Bank shall make no disclosure of Confidential Information beyond those of its employees or personnel who need to know such information and who specifically are made aware of and agree to the confidentiality obligations set forth herein. Bank will not disclose SSA’s Confidential Information to any other person, firm, or corporation, other than to personnel of its subsidiaries, affiliates, or legal counsel each of whom have a need to know such information and receive it subject to the same restrictions as are contained in this Agreement. Bank agrees to maintain an information security program to prevent the unauthorized disclosure, access, misuse, alteration, or destruction of Confidential Information.
Without affecting the foregoing, the bank may make disclosures to its direct mail vendor/subcontractor for the purpose of preparing, printing and mailing the return mailer that will be sent to Bank’s customers’ consistent with the terms of this Agreement. Bank’s vendor/subcontractor shall make no disclosure of Confidential Information beyond those of its employees or personnel who need to know such information to prepare, print and/or mail the return mailer to Bank’s customer and who specifically are made aware of and agree to the confidentiality obligations set forth herein. Prior to the release of any Confidential Information to a vendor/subcontractor, Bank will obtain the written agreement of the direct mail vendor/contractor to abide by the same confidentiality terms that Bank is subject to under this Agreement.
SSA Confidentiality Obligation and Redisclosure Restrictions: SSA shall hold all Confidential Information of the disclosing party in compliance with the Federal Privacy Act, section 1106 of the Social Security Act (42 U.S.C. § 1306) and other applicable laws and regulations. SSA shall make no disclosure of Confidential Information unless the disclosures are in compliance with the Federal Privacy Act, section 1106 of the Social Security Act (42 U.S.C. § 1306) and other applicable laws and regulations including the maintenance of an appropriate security program to prevent the unauthorized disclosure, access, misuse, alteration, or destruction of Confidential Information.
Other than the uses and disclosures enumerated above, Bank and SSA agree that the files provided by the other entity, and the Confidential Information contained therein, will not be duplicated or disseminated within or outside of the Bank or SSA without the written approval of the disclosing party. Neither Bank nor SSA will grant such requested authority unless the disclosure is “essential” to accomplishing the purpose of the data exchange. Under the “essential” standard, the results of the data exchange may be disclosed for follow-up and verification activities directly related to the data exchange activity, or for civil or criminal law enforcement investigation or prosecution if the data exchange uncovers activity that warrants such a result.
6. Security Procedures: SSA and Bank will adopt policies and procedures to ensure that the Confidential Information obtained from each other shall be used solely as provided under this Agreement. The parties will also safeguard all of the Confidential Information exchanged under this Agreement as follows: (a) each party shall establish appropriate administrative, technical, and physical safeguards to assure the security and confidentiality of the information and to protect against any anticipated threats or hazards to its security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to the subject of the information; (b) each party will store the information in an area that is physically safe from unauthorized access or use; (c) each party will process the information under the immediate supervision and control of authorized personnel in a manner which will protect the confidentiality of the information, and in such a manner that unauthorized persons cannot retrieve the information by means of computer, remote terminal or other means; and, (d) each party will transport the information under appropriate safeguards. All personnel who will have access to the Confidential Information exchanged or the records created thereby, will be advised of the confidential nature of the information, of the safeguards required to protect the information, and of the civil and criminal sanctions for noncompliance contained in applicable Federal laws.
Disposal of Waste Materials: Bank is required to demonstrate how all waste materials used in the production of any record, document and/or file containing SSA Confidential Information, as related to the implementation of the direct deposit activities authorized by this Agreement, will be definitively destroyed (ex., burning, pulping, shredding, macerating, or other suitable similar means). Electronic Records must be definitively destroyed in a manner that prevents reconstruction. Definitively destroying the records means the material cannot be reassembled and used in an inappropriate manner in violation of law and regulations. Sensitive records are records that are national security classified or exempted from disclosure by statute, including the Federal Privacy Act and applicable regulations. If the Bank selects shredding as a means of disposal, it is preferred that a cross cut shredder be used. If a strip shredder is used, the strips must not exceed one-quarter inch. The Bank must provide the location and method planned to dispose of the material. When a vendor/subcontractor is used, the same information is required, as well as how the material will be transported from the Bank to the vendor/subcontractor. The plan must include the names of all contract officials responsible for the plan and describe their duties in relationship to the waste material plan.
7. Exceptions: This Agreement shall impose no obligation with respect to Confidential Information which (a) is or becomes publicly known through no fault of the recipient or any of its subsidiaries or affiliates; (b) is lawfully received by a party, its subsidiary or affiliate, from a third party without restriction and without breach of any applicable confidentiality agreement; (c) was previously approved for release or is no longer treated as confidential or proprietary by the disclosing party; or (e) is permitted to be disclosed by law or under the order or regulation of a court or governmental agency, or to establish or enforce any rights hereunder. Where legally permissible, the recipient shall provide the disclosing party with prompt notice of a request for statutorily required disclosure or any order, summons, subpoena, or similar action of a court or governmental agency, so that a protective order or other appropriate relief may be sought by the disclosing party. Exception (a) above shall not apply to any publicly available information to the extent that the disclosure or sharing of information by one or both parties is subject to any limitation, restriction, consent, or notification requirement under any applicable federal or state information privacy law or regulation then in effect. In the event it is necessary for a recipient to disclose Confidential Information to a third party in order to perform the recipient’s duties, the recipient shall disclose only such Confidential Information as is necessary for such third party to perform its obligation to recipient and shall, before such further disclosure is made: (a) obtain the disclosing party’s written consent (which shall not be unreasonably withheld or delayed); and (b) deliver to the disclosing party a copy, certified by the recipient as being true and correct, of any agreement, acceptable to the disclosing party, prohibiting the third party’s re-disclosure, duplication, or reuse of any Confidential Information.
8. Remedies: All remedies and defenses available to each party under the law may be utilized in the event of any material breach by either party.
9. Duration and Modification: This Agreement will become effective upon the signature of both parties on the Agreement. This Agreement is for a term of six months and can be renewed by both parties. Any amendment or modification to this Agreement shall be in writing and executed by duly authorized representatives for the parties. This Agreement may be terminated at any time with the consent of both parties. Either party may unilaterally terminate this Agreement by providing written notice to the other party of its intention to terminate, and such termination shall be effective 30 days after the date of the notice, or at a later date specified in the notice.
10. Miscellaneous: Nothing contained herein constitutes an obligation on the SSA to expend funds. This Agreement shall be binding upon the parties hereto and their respective assigns and successors, subject to the consent of the non-assigning party, which consent shall not be unreasonably withheld. Any invalidity, in whole or in part, of any provision of this Agreement shall not affect the validity of any other of its provisions. No term or provision hereto shall be deemed waived and no breach excused unless such waiver or consent shall be in writing and signed by the party claimed to have waived or consented. Failure to exercise a right or remedy granted hereunder shall not be deemed a waiver of such right or remedy. This Agreement is deemed to be made under and shall be governed by and construed in accordance with appropriate laws. The parties recognize that the Gramm-Leach-Bliley Act (GLBA) (also referred to as the Financial Services Modernization Act of 1999) places certain restrictions on financial institutions when they disclose nonpublic personal information to a third party, and that the GLBA exempts financial institutions from these requirements to the extent that they are permitted or required by law to disclose information under the Right to Financial Privacy Act of 1978 (RFPA). Under this Agreement, Bank is disclosing information to SSA in conformance with the requirements of, and as permitted by, the RFPA. Therefore, the parties agree that the GLBA’s provisions do not apply to the Bank’s disclosures and that SSA will not be subject to, inter alia, any oversight/audit requirements imposed on the Bank by the GLBA. This Agreement constitutes the entire agreement and understanding of the parties with respect to the subject matter of this Agreement and supersedes all prior agreements or understandings. Nothing in this Agreement should be construed as a waiver of the Federal Government’s sovereign immunity.
| File Type | application/msword |
| File Title | NATIONAL DIRECT DEPOSIT INITIATIVE |
| Author | 777390 |
| Last Modified By | 666429 |
| File Modified | 2008-10-10 |
| File Created | 2008-10-10 |