A key component of The McGraw-Hill Companies’ relationship with our customers is our dedication to protecting the personal data provided to us by our customers and prospects. We make every effort to balance our need for certain personally-identifiable information in order to provide you with customized quality products and services with your reasonable expectations that we will handle your data responsibly. Toward that end, in mid-1997 we developed and began implementing a comprehensive Customer and Prospect Privacy Policy ("Policy") that governs our collection, use and distribution of information about our customers. The Policy governs our customer privacy practices on our more than 80 Web sites covering more than 100 brands.

We also recognize the critical importance of other organizations establishing and implementing a comprehensive Customer Privacy Policy and have continued our efforts to work with other organizations to develop programs tailored to meet their own customer and business needs.

This report is designed to provide customers and prospects with a summary of our experiences over the past year, including:

1. Changes to the Policy in the past year; and
2. Customer and policy maker reaction to our Policy.

To be effective, our Customer Privacy Policy must continue to evolve. Throughout the course of 1998 we modified the original Policy to reflect changes in customer expectations, in policy maker sentiment, in our own business practices and in technology. As a result, we launched and began implementing a revised Policy on January 15, 1999. We also developed and began an internal compliance program to ensure - through a series of checks and balances - that we are living up to our Policy.

The new Policy clarifies our data collection, use and handling practices and better communicates what our Policy is and how you may exercise reasonable choices about how information we collect from you may be used outside of our organization. Specifically, guidelines for implementing the revised Policy include: new specifications for placement of Notice to customers and prospects; expanding the type of contact information the Notice contains to make it easier for you to reach us with questions or comments; and developing a comprehensive internal process to ensure we are accountable for implementation of and compliance with the Policy.

Our compliance process includes the following components:

The Corporation has established a standing Customer Privacy Steering Committee consisting of senior managers and executives across all of our business units and Corporate departments, charged with:

• Overseeing implementation of the Policy throughout the Corporation, including overseas;
• Responding to issues regarding the Policy raised by Privacy Officials or customers;
• Staying aware of new technologies affecting customer privacy;
• Reviewing and updating the Policy to reflect changing customer expectations, technology and legal developments; and
• Conducting educational programs for Privacy Officials.

We have begun conducting periodic random reviews to assess the degree of compliance with the Policy. The Customer Privacy Steering Committee contacts the appropriate internal Privacy Official if compliance problems are identified and then works with the unit to bring it into compliance. We will compile and report the results of our reviews to Corporate Senior Management.

The McGraw-Hill Companies’ Code of Business Ethics has been expanded to include a commitment to complying with the Corporation’s Customer Privacy Policy. Violation of the Code of Business Ethics may result in disciplinary action, including termination.

In those limited instances when a customer request/problem is not resolved through the appropriate Privacy Official, the customer may contact the Privacy Steering Committee Co-Chairs and request assistance in resolving the dispute. The Co-Chairs, who are senior managers, will conduct a prompt review of the issue and work with the Privacy Official to resolve the matter. A written response will be provided to the customer within 90 days.

Each of those business units that target their products or services to children have appointed senior-level "Personally-Identifiable Information Guardians" responsible for:

• Overseeing implementation of special safeguards for information collected from children;
• Employee training regarding the Customer Privacy Policy; and
• Dissemination of Customer Privacy Policy updates.

The end result of these changes to our Policy and business processes should be a more clearly articulated and better understood Customer and Prospect Privacy Policy that is incorporated into all aspects of our organization, from product development and customer service to marketing considerations. And of course, we also hope that you, our customers and prospects will have the information you need about our privacy practices to help you make informed choices about how your information is handled by The McGraw-Hill Companies.

We are very proud of the accolades we have received from policymakers and, most importantly, our customers. Our experience shows that once we tell you what types of personally-identifiable information we are collecting from you, the purposes for which it is being used and the benefits received in exchange, you are comfortable with how we make use of the information. And we enable you to choose NOT to have the personally-identifiable information we collect from you shared outside of The McGraw-Hill Companies via an easy-to-find and easy-to-use Opt Out mechanism at the point of collection on our Web sites. The proof that this kind of customer empowerment works? Since we began implementing our Policy, the average rate of "Opt Out" by customers and prospects has been less than five percent.

The Corporation’s commitment to implement a comprehensive Customer Privacy Policy has been undertaken while achieving record financial growth and strengthening our technology to improve business processes, products and their delivery. We have continued our long tradition of providing individuals with information products and services that help them reach their potential at home, at school and at work. 1998 was another year of significant progress for The McGraw-Hill Companies. In fact, our company had its best year ever. Our 1998 financial results represent the sixth consecutive year of record performance. We have successfully aligned our businesses with two of the most powerful forces shaping the global landscape: the growth of the global economy and the progress of technology. From our Standard and Poor’s financial services to Business Week and McGraw-Hill educational materials, the Internet and electronic commerce are transforming all of our businesses.

We are proud of this success, and recognize that it is based on a strong relationship with our customers founded on trust - in the excellence of our brands and in how The McGraw-Hill Companies deals with its customers and prospects. The 16,500 men and women of The McGraw-Hill Companies around the globe have worked hard to develop and protect these relationships.

We will continue to update you about our experiences with our Customer Privacy Policy and alert you to any changes we make. We welcome your feedback, comments and suggestions. Please feel free to email us at: washaff@mcgraw-hill.com.

Harold W. McGraw III

President and Chief Executive Officer, The McGraw-Hill Companies

The following resource is available online.

A summary of our Privacy Policy.