A system and method for maintaining customer privacy where an identity of the customer must be divulged. The invention includes separating data associated with the institution into a first database of private data and a second database of public data; storing an encrypted copy of the private data and an unencrypted copy of the public data with an intermediary service provider; providing to the customer a security system that allows the customer to decrypt the encrypted data and remain anonymous to the intermediary service provider; merging the encrypted copy of the private data and the unencrypted copy of the public data; and providing an interface that allows the customer to view the merged data.