Associate Privacy Including Use of Communication Resources

Bank of America respects and understands associates' concerns about privacy, including the use of the company's communication resources. The following guidelines are in place to protect the privacy and security of information.

Associate personal information

The company understands that privacy of information is important to associates. The company does not sell or otherwise share personally identifiable associate information with companies outside Bank of America enabling other companies to offer their own products to bank associates. Bank of America may, however, offer to associates the products or services of outside companies so that associates may choose to initiate contact with those companies that offer products or services of interest to them.

Bank of America does share personally identifiable information about associates with companies that work for or with Bank of America to provide personnel or associate benefit services, or product-related services on behalf of Bank of America. Such companies are expected to keep the personally identifiable information that we provide to them protected, and to use the information only to provide the services or fulfill the responsibilities they have been engaged to perform for Bank of America or its associates.

Social Security numbers

Bank of America recognizes the particular sensitivity and concern that associates have about the use of their Social Security numbers for identification purposes. Bank of America is committed to achieving broad organizational awareness about the sensitive nature of Social Security numbers and is equally committed to reducing reliance on their use as an identifier within the company.

Benefit plan information

Bank of America recognizes and respects the privacy of associate benefit plan information and complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Using communication resources

Bank of America's use of information technology allows us to make banking work more efficient for customers and clients. In addition, the Internet, e-mail and intranet improve the work experience of associates.

Personal Use

Although these tools are made available primarily to make it easier for associates to do their jobs, the company recognizes these tools also can accommodate associates' personal needs while at work. Consequently, associates are permitted appropriate personal use of the Internet and other electronic tools, e-mail, and Intranet to meet personal needs that are more conveniently and appropriately accomplished during an associate's normal working day. (Note that this policy overrides any previous policies or guidelines that restricted all personal use.)

Associates are expected to act responsibly in managing their use of these tools so that it does not interfere with their work responsibilities, performance or the responsibilities or performance of others. Personal use of the Internet, e-mail and intranet provided by the company is a privilege that may be taken away at any time if abused.

Security practices

To help ensure that Bank of America associates and agents work in a safe and secure environment, the company reserves the right to take certain actions to protect the safety and security of associates, customers, suppliers and the company, including property and premises. These actions, in accordance with applicable law, include routinely recording, monitoring, conducting surveillance, inspecting and/or reviewing Internet, e-mail and intranet usage. Such actions are recognized throughout the financial services industry as essential elements of good security practices for customers and associates. Authorized company personnel, including Corporate Security, Enterprise Information Management, Global Human Resources, Legal and Internal Audit, may use these practices to uncover any activity that may jeopardize the security or integrity of the company's information or information systems, and any activity that is illegal, impermissible or inappropriate, such as the visiting of Web sites with explicit sexual content or hate/racist sites.

When working from home, either via remote access using Bank of America platforms or by accessing tools available on the Internet on www.bankofamerica.com/associates, the same security policies and associate responsibilities apply. The use of applications such as eWorkplace and NetBenefits, which manage personal information such as pay and benefits choices, demands that users ensure special care in safeguarding information.

Additional Information

The company's policies and procedures for protecting the security, confidentiality and proprietary interests of customers, associates and the company are set forth elsewhere in the Associate Handbook, Code of Ethics and Enterprise Information Management Quick reference guides, all available through NetBenefits and the Enterprise Information Management web site on the intranet. Such documents describe expected behavior, inappropriate usage of communication resources, the consequences for inappropriate usage and detailed information on monitoring, recording and inspection policies. Such company policies and procedures (other than the restriction on personal use) remain unchanged and continue to apply as currently set forth or as modified in writing in the future.