We have recently been directed by our outside audit company who reviews our mortgage loans to put a copy of the privacy act in each loan file. We have been giving them to each loan application, but not keeping them in our file. It is our policy to give a copy of the privacy act to each applicant. If it’s in our policy, isn’t that sufficient?
There is not a regulatory requirement to have them in your files. Having them in your files is not a bad idea, but not necessary in my opinion if you have it in your policy.