[Justin McCrone]

I just paid the setup fee for a CRM that monitors our past clients and alerts us if they had a credit pull with another lender. It is a way of getting notified if you are being shopped or if a previous client is in the market for a new mortgage. It sounds like a wonderful service and I recognize the value that they provide. I was about to import my database, but paused thinking about potential privacy issues. For those of you who use services like this, how do you protect yourself from a compliance standpoint? More specifically, as it relates to GLBA. Have you had to add a disclosure or amend your Privacy Policy when getting set up with something like this, or any CRM for that matter? My concern is that this particular platform asks for A LOT of data points beyond the typical name/address/email. And I get that the nature of their service requires this info. My concern is that we are expected to keep our client’s data private and I do not want to compromise that trust. Talk to me about best practices and how all of you are handling this.

[Dustin Owen]

I work for a bank owned mortgage lender. I say that because we take compliance serious. We use MonitorBase to track credit pulls, HomeBot (to market to our past closed clients) and Jungo for our CRM (track leads, drip market to prospective borrowers, communicate with borrower and their agents when a file is in process etc.)

We do so and feel very compliant. None of those systems have no public date. Non-public data is info such as Social Security Numbers and Bank Account Numbers. Names, DOB, Contact Info, Home Address, purchase price of home, estimated home value, mortgage, mortgage amount and interest rate is all data that is public.

Having an Opt-Out in your message is key.

[Author]

Posts