Data Privacy Protocols
The JPMorgan Chase Institute has adopted rigorous security protocols and checks and balances to ensure all customer data are kept confidential and secure. Our strict protocols are informed by statistical standards employed by government agencies and our work with technology, data privacy and security experts who are helping us maintain industry-leading standards.
There are several key steps the Institute takes to ensure customer data are safe, secure and anonymous:
- Before the Institute receives the data, all unique identifiable information – including names, account numbers, addresses, dates of birth and social security numbers – is removed.
- The Institute has put in place privacy protocols for its researchers, including requiring them to undergo rigorous background checks, and enter into strict confidentiality agreements. Researchers are contractually obligated to use the data solely for approved research, and are contractually obligated not to re-identify any individual represented in the data.
- The Institute does not allow the publication of any information about an individual consumer or business. Any data point included in any publication based on the Institute’s data may only reflect aggregate information.
- The data are stored on a secure server and only can be accessed under strict security procedures. The data cannot be exported outside of JPMorgan Chase’s systems. The data are stored on systems that prevent them from being exported to other drives or sent to outside email addresses. These systems comply with all JPMorgan Chase Information Technology Risk Management requirements for the monitoring and security of data.
The Institute prides itself on providing valuable insights to policymakers, businesses, and nonprofit leaders. But these insights cannot come at the expense of consumer privacy. We take all reasonable precautions to ensure the confidence and security of our account holders’ private information.