Full text

If you define "privacy" as "the state of being free from public attention," then the title of the Right to Financial Privacy Act (RFPA) sounds like a customer's financial records are absolutely protected from disclosure. While there are privacy and confidentiality rules community banks must observe, the RFPA limits the audience and process for financial records' disclosure but does not offer carte blanche coverage. What are the rules, and how are they different?

The RFPA was enacted in 1978 and covers requests for financial records that financial institutions receive from a federal government authority. It defines "government authority" as any agency or department of the United States, or any officer, employee or agent thereof. It defines "financial record" as an original of, a copy of, or information known to have been derived from any record held by a financial institution pertaining to a customer's relationship with the financial institution.

The RFPA requires that:

* a customer receives notice before financial institutions disclose the customer's financial records to the government

* a customer has a right to challenge the release of his or her financial records to the government

* government agencies show records of compliance with the RFPA.

The RFPA applies to subpoenas from "any agency or department of the United States, or any officer, employee or agent thereof," otherwise known as governmental authority (12 U.S.C. 3401). Governmental authority under the RFPA is limited to the federal government. Private parties or state and local government are not regulated under the RFPA but could be under state law.

RFPA includes rules about...