IDENTITY THEFT PREVENTION (Red Flag) POLICY
|
|
- Charlotte Morris
- 6 years ago
- Views:
Transcription
1 IDENTITY THEFT PREVENTION (Red Flag) POLICY The risk to the College, its employees and students from data loss and identity theft is of significant concern to the College and can be reduced only through the combined efforts of every employee and vendor. The College developed and adopted this Identity Theft Prevention policy pursuant to the Federal Trade Commission s ( FTC ) Red Flags Rule, which implements Section 114 of the Fair and Accurate Credit Transactions Act of This program is to help protect employees and students from damages related to the loss or misuse of sensitive information. This policy enables the College to protect existing employees and students, reducing risk from identity fraud, and minimizes potential damage to the College from fraudulent new accounts. The program will help the College identify risks that signify potentially fraudulent activity within new or existing covered accounts; detect risks when they occur in covered accounts; respond to risks to determine if fraudulent activity has occurred and act if fraud has been attempted or committed; and update the program periodically, including reviewing the accounts that are covered and the identified risks that are part of the program. This policy and protection program applies to employees and students at the College, including all personnel affiliated with third parties. DEFINITIONS AND PROGRAM Identity Theft fraud committed or attempted using the identifying information of another person without authority. Red Flag a pattern, practice or specific activity that indicates the possible existence of Identity Theft. Covered Account includes all student accounts or loans that are administered by the College. Also any business, personal and student financial aid account for which there is a reasonably foreseeable risk to the safety of the College from identity theft, including financial, operational, compliance and litigation issues. Sensitive or Identifying Information - any name or number that may be used, alone or in conjunction with any other information, to identify a specific person. It includes the following items whether stored in electronic or printed format: 1. Credit card information, including any of the following: Credit card number (in part or whole) Credit card expiration date Cardholder name Cardholder address 2. Tax identification numbers, including: Social Security number Business identification number Employer identification numbers
2 3. Payroll information, including, among other information: Paychecks Pay stubs Direct deposit requests 4. Flex Spending plan check requests and associated paperwork 5. Medical insurance information for any employee or student, including but not limited to: Doctor names and claims Insurance claims Any related personal medical information 6. Maroon Card Funds on the account 7. Other personal information belonging to any employee or student, examples of which include: Date of birth Address Phone numbers Maiden name Names Government issued driver s license or I.D. number Alien registration number Government passport number Employee or Student Identification number Computer s Internet Protocol address or routing code NOTE: College personnel are encouraged to use common sense in securing confidential information to the proper extent. If an employee is uncertain of the sensitivity of a particular piece of information, he/she should contact their supervisor. Hard Copy Distribution - Each employee and vendor performing work for the College will comply with the following policies: File cabinets, desk drawers, overhead cabinets, and any other storage space containing documents with sensitive information will be locked or in a locked room when not in use or when unsupervised. Storage rooms containing documents with sensitive information and record retention areas will be locked at the end of each workday or when unsupervised. Desks, workstations, work areas, printers and fax machines, and common shared work areas will be cleared of all documents containing sensitive information when not in use or when unattended. Whiteboards, dry-erase boards, writing tablets, etc. in common shared work areas will be erased, removed, or shredded when not in use. When documents containing sensitive information are discarded they will be placed inside a locked shred bin/area or immediately shredded. Electronic Distribution - Each employee and vendor performing work for the College will comply with the following policies: Internally, sensitive information may be transmitted using the Colleges system. All sensitive information must be secured via password protection when stored in an electronic format.
3 Any sensitive information sent externally must be password protected and only to approved recipients. Additionally, a statement such as the following should be included in the This message may contain confidential and/or proprietary information and is intended for the person/entity to whom it was originally addressed. Any use by others is strictly prohibited. No sensitive information should leave the College which is not secured. Third Party Software or Service providers Each third party vendor with whom the College contracts will be required to sign a formal agreement stating that all federal laws, internal policies and safe guards by which the College must abide will be followed to insure that College data will be protected. IDENTIFICATION OF RED FLAGS In order to identify relevant Red Flags, the College considers the types of accounts that it offers and maintains, methods it provides to open its accounts, methods it provides to access its accounts, and its previous experience with Identity Theft. The following red flags are potential indicators of fraud. Any time a red flag, or a situation closely resembling a red flag, is apparent, it should be investigated for verification. Notifications and Warnings from Credit Reporting Agencies Report of fraud accompanying a credit report; Notice or report from a credit agency of a credit freeze on an applicant; Notice or report from a credit agency of an active duty alert for an applicant; Receipt of a notice of address discrepancy in response to a credit report request; and Indication from a credit report of activity that is inconsistent with an applicant s usual pattern or activity. Suspicious documents - Identification document or card that appears to be forged, altered or inauthentic; Identification document or card on which a person s photograph or physical description is not consistent with the person presenting the document; Other document with information that is not consistent with existing student information; and Application for service that appears to have been altered or forged. Suspicious personal identifying information - Identify information presented that is inconsistent with other information provided (example: inconsistent birth dates); Identifying information presented that is inconsistent with other sources of information (for instance, an address does not match any address on file with the College); Identifying information presented that is the same as information shown on other applications that were found to be fraudulent; Identifying information presented that is consistent with fraudulent activity (such as an invalid phone number or fictitious billing address); Social security number presented that is the same as one given by another person; An address or phone number presented that is the same as that of another person; A person fails to provide complete personal identifying information on an application when reminded to do so; and A person s identifying information is not consistent with the information that is on file. Unusual use of, or suspicious activity related to, the covered account Change of address for an account followed by a request to change the student s name;
4 Payments stop on an otherwise consistently up-to-date account; Account is used in a manner that is not consistent with prior use; Mail sent to the person is repeatedly returned as undeliverable; Notice to the College that mail sent by the College is not being received; Notice to the College that an account has unauthorized activity; Breach in the College s computer system security involving personal information; and Unauthorized access to or use of account information. DETECTING RED FLAGS Student Enrollment In order to detect any of the Red Flags identified above associated with the enrollment of a student, College personnel will take the following steps to obtain and verify the identity of the person opening the account: Require certain identifying information such as name, date of birth, academic records, home address or other identification; and Verify the student s identity at time of issuance of student identification card (review of driver s license or other government-issued photo identification). Existing Accounts In order to detect any of the Red Flags identified above for an existing Covered Account, College personnel will take the following steps to monitor transactions on an account: Verify the identification of students if they request information (in person, via telephone, via facsimile, via ); Verify the validity of requests to change billing addresses by mail or and provide the student a reasonable means of promptly reporting incorrect billing address changes; and Verify changes in banking information given for billing and payment purposes. Employee Information In order to detect any of the Red Flags identified above for employees, College personnel will take the following steps to protect employee information: Verify the identification of employees if they request personal information (in person, via telephone, via facsimile, via ); Verify the validity of requests to change addresses or phone numbers by phone or . Verify outside requests for verification of employee confidential information (employment verifications). RESPONDING TO RED FLAGS Once a potentially fraudulent activity is detected, the College must act as quickly as appropriate to protect students, employees and the College from damages and loss. All related documentation should be gathered and a description of the situation should be written. This information should be presented to a designated authority for determination. The designated authority will complete additional authentication to determine whether the attempted transaction was fraudulent or authentic. If a transaction is determined to be fraudulent, appropriate actions must be taken immediately. Actions may include canceling the transaction; notifying and cooperating with appropriate law enforcement; determining the extent of liability of the College or damage to the College; notifying the appropriate person that a fraud has been attempted and notifying any appropriate insurers. In cases where an individual s personal information on college owned systems has been compromised, the College will provide monitoring services to identify activities that could be
5 indicators of additional fraud. This service will be offered to the individual up to one year following the original fraudulent activity. PROTECTING AGAINST IDENTITY THEFT Student Identifying Information In order to further prevent the likelihood of Identity Theft occurring with respect to Covered Accounts, the College will take the following steps with respect to its internal operating procedures to protect student identifying information: Ensure that its website is secure or provide clear notice that the website is not secure; Ensure complete and secure destruction of paper documents and computer files containing student account information when a decision has been made to no longer maintain such information; Ensure that office computers with access to Covered Account information are password protected; Avoid use of social security numbers; Ensure computer virus protection is up to date; and Require and keep only the kinds of student information that are necessary for College purposes. Employee Identifying Information In order to further prevent the likelihood of Identity Theft occurring with respect to employees, the College will take the following steps with respect to its internal operating procedures to protect employee identifying information: Ensure that the employee website is secure or provide clear notice that the website is not secure; Ensure complete and secure destruction of paper documents and computer files containing employee information when a decision has been made to no longer maintain such information; Ensure that office computers with access to employee information are password protected; Avoid when possible the use of social security numbers; Ensure computer virus protection is up to date. PERIODIC UPDATES At periodic intervals, the program will be re-evaluated to determine whether all aspects are up to date and applicable in the current business environment. Periodic reviews will include an assessment of which accounts are covered by the program. As part of the review, red flags may be revised, replaced or eliminated. Defining new red flags may also be appropriate. Actions to take in the event that fraudulent activity is discovered may also require revision to reduce damage to the College and its population. PROGRAM ADMINISTRATION Involvement of management - The Identity Theft Policy shall not be operated as an extension to any other existing fraud prevention programs. It shall be a separate stand alone policy. The Identity Theft Policy is the responsibility of the management of the College. Approval of the initial policy must be appropriately documented and approved by Cabinet. Operational responsibility of the policy is delegated to the VP for Information Technology & Public Relations. Staff training - Staff training shall be conducted for all employees and vendors for whom it is reasonably foreseeable may come into contact with covered accounts or personally identifiable information. The VP for IT & PR is responsible for ensuring identity theft training for all requisite employees and vendors. Employees must receive annual training in all segments of this policy. To ensure maximum effectiveness, employees may continue to receive additional training as changes to the program are made.
6 Oversight of Vendor/Service Provider arrangements - It is the responsibility of the College to ensure that the activities of all vendors are conducted in accordance with reasonable policies and procedures designed to detect, prevent, and mitigate the risk of identity theft. A vendor that maintains its own identity theft prevention program, consistent with the guidance of the red flag rules and validated by appropriate due diligence, may be considered to be meeting these requirements. Any specific requirements should be specifically addressed in the appropriate contract arrangements.
A Guide to Benedictine College and Identity Theft
IDENTITY THEFT PREVENTION PROGRAM The risk to Benedictine College, its employees and students from data loss and identity theft is of significant concern to the College and can be reduced only through
MCPHS IDENTITY THEFT POLICY
SECTION 1: BACKGROUND MCPHS IDENTITY THEFT POLICY The risk to the College, its employees and students from data loss and identity theft is of significant concern to the College and can be reduced only
The University of North Carolina at Charlotte Identity Theft Prevention Program
The University of North Carolina at Charlotte Identity Theft Prevention Program Program Adoption As a best practice and using as a guide the Federal Trade Commission s ( FTC ) Red Flags Rule ( Rule ),
THE LUTHERAN UNIVERSITY ASSOCIATION, INC. d/b/a Valparaiso University IDENTITY THEFT PREVENTION PROGRAM
THE LUTHERAN UNIVERSITY ASSOCIATION, INC. d/b/a Valparaiso University IDENTITY THEFT PREVENTION PROGRAM SECTION 1: BACKGROUND The risk to Valparaiso University ("University"), its employees, students (in
SOUTH TEXAS COLLEGE. Identity Theft Prevention Program and Guidelines. FTC Red Flags Rule
SOUTH TEXAS COLLEGE Identity Theft Prevention Program and Guidelines FTC Red Flags Rule Issued June 24, 2009 Table of Contents Section Section Description Page # 1 Section 1: Program Background and Purpose
Red Flag Identity Theft Financial Policy 1.10
Issued: 05/16/2014 Revised: Policy and College ( Seminary ) developed this Identity Theft Prevention Program ("Program") pursuant to the Federal Trade Commission's ( FTC ) Red Flags Rule, which implements
Model Identity Theft Policy and Adopting Resolution
Model Identity Theft Policy and Adopting Resolution, Tennessee RESOLUTION NO. A RESOLUTION ADOPTING AN IDENTITY THEFT POLICY WHEREAS, The Fair and Accurate Credit Transactions Act of 2003, an amendment
01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS)
01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS) Authority: Board of Trustees History: Effective May 1, 2009 (approved initially April 24, 2009) Source of Authority: Related Links: Responsible Office:
IDENTITY THEFT PREVENTION
IDENTITY THEFT PREVENTION Policy Title: Identity Theft Prevention Program Policy Type: Administrative Policy Number: #41-07 (2014) Approval Date: 05/12/2015 Responsible Office: University Controller Responsible
Ferris State University
Ferris State University BUSINESS POLICY TO: All Members of the University Community 2009:08 DATE: May 2009 I. BACKGROUND IDENTITY THEFT PREVENTION PROGRAM The risk to the University, and its students,
University of Tennessee's Identity Theft Prevention Program
IDENTITY THEFT PREVENTION PROGRAM 1. BACKGROUND The University of Tennessee (UT) developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission s Red Flags Rule, Section 114
THE UNIVERSITY OF NORTH CAROLINA AT GREENSBORO IDENTITY THEFT PREVENTION PROGRAM
Program Adoption THE UNIVERSITY OF NORTH CAROLINA AT GREENSBORO IDENTITY THEFT PREVENTION PROGRAM As a best practice and using as a guide the Federal Trade Commission s ( FTC ) Red Flags Rule, implementing
These rules became effective August 1, 2009, and require certain agencies to implement an identity theft program and policy.
Red Flag Policy Protecting your privacy is of paramount importance at Missouri Southern State University, and we are dedicated to the responsible handling of your personal information. We are very committed
31-R-11 A RESOLUTION ADOPTING THE CITY OF EVANSTON IDENTITY PROTECTION POLICY. WHEREAS, The Fair and Accurate Credit Transactions Act of 2003,
5/23/2011 31-R-11 A RESOLUTION ADOPTING THE CITY OF EVANSTON IDENTITY PROTECTION POLICY WHEREAS, The Fair and Accurate Credit Transactions Act of 2003, Public Law 108-159, requires municipalities to promulgate
Identity Theft Prevention Program
Identity Theft Prevention Program DATE: 10/22/2015 VERSION 2015-1.0 Abstract Purpose of this document is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity
Green University. Identity Theft Prevention Program. Effective beginning October 31, 2008
Green University Identity Theft Prevention Program Effective beginning October 31, 2008 1 I. PROGRAM ADOPTION Green University ( University ) developed this Identity Theft Prevention Program ("Program")
Texas A&M University Commerce. Identity Theft Prevention Program Effective beginning May 1, 2009
Texas A&M University Commerce Identity Theft Prevention Program Effective beginning May 1, 2009 1 I. PROGRAM ADOPTION Texas A&M University - Commerce ( University ) developed this Identity Theft Prevention
The Florida A&M University. Identity Theft Prevention Program. Effective May 1, 2009
The Florida A&M University Identity Theft Prevention Program Effective May 1, 2009 I. PROGRAM ADOPTION This Identity Theft Prevention Program ("Program") is established pursuant to the Federal Trade Commission's
21.01.04.Z1.01 Guideline: Identity Theft Prevention Program
Texas A&M Health Science Center Guidelines 21.01.04.Z1.01 Guideline: Identity Theft Prevention Program Approved October 7, 2009 Reviewed February 26, 2015 Supplements System Regulation 21.01.04 Reason
Identity Theft Prevention Program (Approved by the Board of Trustees)
Administrative Regulation 8:8 Responsible Office: EVPFA Date Effective: 9/15/2009 Supersedes Version: No previous version Identity Theft Prevention Program (Approved by the Board of Trustees) Major Topics
Village of Brockport Identity Theft Prevention Program Effective December 1, 2009 Confirmed 7/21/14
Village of Brockport Identity Theft Prevention Program Effective December 1, 2009 Confirmed 7/21/14 I. PROGRAM ADOPTION The Village of Brockport ( Village ) developed this Identity Theft Prevention Program
Wake Forest University. Identity Theft Prevention Program. Effective May 1, 2009
Wake Forest University Identity Theft Prevention Program Effective May 1, 2009 I. GENERAL It is the policy of Wake Forest University ( University ) to comply with the Federal Trade Commission's ( FTC )
University of Alaska. Identity Theft Prevention Program
University of Alaska Identity Theft Prevention Program Effective beginning October 31, 2009 I. PROGRAM ADOPTION The University of Alaska ( University ) developed this Identity Theft Prevention Program
Identity theft. A fraud committed or attempted using the identifying information of another person without authority.
SUBJECT: Effective Date: Policy Number: Identity Theft Prevention 08-24-11 2-105.1 Supersedes: Page Of 2-105 1 8 Responsible Authority: Vice President and General Counsel DATE OF INITIAL ADOPTION AND EFFECTIVE
University of North Dakota. Identity Theft Prevention Program
University of North Dakota Identity Theft Prevention Program Effective beginning May 1, 2009 I. PROGRAM ADOPTION University of North Dakota ( University ) developed this Identity Theft Prevention Program
TOURO UNIVERSITY WORLDWIDE AND TOURO COLLEGE LOS ANGELES IDENTITY THEFT PREVENTION POLICY 1.0 POLICY/PROCEDURE 2.0 PURPOSE 3.0 SCOPE 4.
TOURO UNIVERSITY WORLDWIDE AND TOURO COLLEGE LOS ANGELES IDENTITY THEFT PREVENTION POLICY 1.0 POLICY/PROCEDURE Touro adopts this identity theft policy to help protect employees, students, contractors and
Texas A&M International University Identity Theft Prevention Program
Texas A&M International University Identity Theft Prevention Program 1 I. PROGRAM ADOPTION Texas A&M International University ( University ) developed this Identity Theft Prevention Program ( Program )
Central Oregon Community College. Identity Theft Prevention Program
Central Oregon Community College Identity Theft Prevention Program Effective beginning May 1, 2009 I. PROGRAM ADOPTION This program has been created to put COCC in compliance with Section 41.90 under the
II. F. Identity Theft Prevention
II. F. Identity Theft Prevention Effective Date: May 3, 2012 Revises Previous Effective Date: N/A, New Policy I. POLICY: This Identity Theft Prevention Policy is adopted in compliance with the Federal
Identity Theft Prevention Policy and Procedure
Identity Theft Prevention Policy and Procedure In accordance with the Fair and Accurate Credit Transactions Act of 2003 (FACTA), the college president shall be responsible for developing and maintaining
University of Arkansas at Monticello Identity Theft Prevention Program
University of Arkansas at Monticello Identity Theft Prevention Program Overview The University Of Arkansas System Board Of Trustees adopted an Identity Theft Prevention Program (ITP) in compliance with
MARSHALL UNIVERSITY BOARD OF GOVERNORS
MARSHALL UNIVERSITY BOARD OF GOVERNORS Policy No. FA-12 IDENTITY THEFT PREVENTION PROGRAM 1 General Information. 1.1 Scope: To identify, detect, and respond appropriately to any Red Flags that are detected
IDENTITY THEFT DETECTION POLICY
IDENTITY THEFT DETECTION POLICY Approved By: President s Cabinet Date of Last Revision: May 5, 2009 Responsible Office/Department: Business and Finance Policy Statement Grand Valley State University (GVSU)
I. Purpose. Definition. a. Identity Theft - a fraud committed or attempted using the identifying information of another person without authority.
Procedure 3.6: Rule (Identity Theft Prevention) Volume 3: Office of Business & Finance Managing Office: Office of Business & Finance Effective Date: December 2, 2014 I. Purpose In 2007, the Federal Trade
CHAPTER 12 IDENTITY PROTECTION AND IDENTITY THEFT PREVENTION POLICIES
CHAPTER 12 IDENTITY PROTECTION AND IDENTITY THEFT PREVENTION POLICIES Section 1-12-1: Purpose 1-12-2: Definitions 1-12-3: Scope 1-12-4: Identity Protection Policy 1-12-5: Identity Theft Prevention Policy
Identity Theft Prevention Program
Identity Theft Prevention Program I. PROGRAM PURPOSE AND DEFINITIONS The purpose of this Identity Theft Prevention Program ( Program ) is to detect, prevent and mitigate identity theft in connection with
Florida Agricultural & Mechanical University Board of Trustees Policy
Florida Agricultural & Mechanical University Board of Trustees Policy Board of Trustees Policy Number: Date of Adoption: May 4, 2009 Date of Revision: June 6, 2013 Identity Theft Prevention Policy Subject
RESOLUTION NO. 25706 A RESOLUTION ADOPTING THE "CITY OF CHATTANOOGA IDENTITY THEFT POLICY" ATTACHED HERETO AND MADE A PART HEREOF BY REFERENCE.
~. RESOLUTION NO. 25706 A RESOLUTION ADOPTING THE "CITY OF CHATTANOOGA IDENTITY THEFT POLICY" ATTACHED HERETO AND MADE A PART HEREOF BY REFERENCE. WHEREAS, The Fair and Accurate Credit Transactions Act
BOWLING GREEN of#<~ City of Bowling Gree~;? Administrative Instruction No. 20
SECTION 1: BACKGROUND THE CITY OF BOWLING GREEN of#
Oklahoma State University Policy and Procedures. Red Flags Rules and Identity Theft Prevention
Oklahoma State University Policy and Procedures Rules and Identity Theft Prevention 3-0540 ADMINISTRATION & FINANCE July 2009 Introduction 1.01 Oklahoma State University developed this Identity Theft Prevention
COUNCIL POLICY STATEMENT
COUNCIL POLICY STATEMENT Policy No. 44 General Subject: Finance Specific Subject: Identity Theft Policy and Prevention Program Date Approved: October 20, 2008 The following policy is to implement the requirements
Florida International University. Identity Theft Prevention Program. Effective beginning August 1, 2009
Florida International University Identity Theft Prevention Program Effective beginning August 1, 2009 I. PROGRAM ADOPTION Florida International University developed this Identity Theft Prevention Program
Oregon University System Identity Theft Prevention Program Effective May 1, 2009
Oregon University System Identity Theft Prevention Program Effective May 1, 2009 Page 2 I. PROGRAM ADOPTION The Oregon University System ( System ) developed this Identity Theft Prevention Program ("Program")
University System of New Hampshire. Identity Theft Prevention Program
University System of New Hampshire Identity Theft Prevention Program Approved by the USNH Board of Trustees on April 30, 2009 I. PROGRAM ADOPTION The University System of New Hampshire (USNH) developed
Identity Theft Prevention Program. Effective: November 1, 2009
Identity Theft Prevention Program Effective: November 1, 2009 I. BACKGROUND Galveston College ("College" / Institution ) developed this Identity Theft Prevention Program ("Program") pursuant to the Federal
AUBURN WATER SYSTEM. Identity Theft Prevention Program. Effective October 20, 2008
AUBURN WATER SYSTEM Identity Theft Prevention Program Effective October 20, 2008 I. PROGRAM ADOPTION Auburn Water System developed this Identity Theft Prevention Program ("Program") pursuant to the Federal
Xavier University. Fair & Accurate Credit Transactions Act (Red Flags Rule) Policy and Procedures
Xavier University Fair & Accurate Credit Transactions Act (Red Flags Rule) Policy and Procedures Revised April 7, 2009 1 Identity Theft Policy IdentityTheft An identity can be stolen with nothing more
Number: 56.300. Index
Identity Theft Prevention Program Section: General Operations Title: Identity Theft Prevention Program Number: 56.300 Index POLICY.100 POLICY STATEMENT.110 POLICY RATIONALE.120 AUTHORITY.130 APPROVAL AND
CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY
CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY Policy Number: 2008-02 Date Adopted: October 27, 2008 Department: Administrative SUBJECT: IDENTITY THEFT PREVENTION PROGRAM I. OBJECTIVE: A. To protect
Identity Theft Prevention Program
Smyth County Policy Identity Theft Prevention Program Purpose The purpose of the program is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in
Christopher Newport University Policy and Procedures
Policy: Red Flag Identity Theft Identification and Prevention Program Policy Number: 3030 Date of Current Revision: Executive Oversight: Executive Vice President Contact Office: Comptroller s Office Policy:
identity Theft Prevention and Identification Requirements For Utility
[Utility Name] Identity Theft Prevention Program Effective beginning, 2008 I. PROGRAM ADOPTION The [Utility Name] ("Utility") developed this Identity Theft Prevention Program ("Program") pursuant to the
B. Credit - Deferral of payment of a debt incurred for the purchase of goods services, including educational services.
Date Revised: Page 1 of 16 5-21 Identity Theft Prevention Program I. BACKGROUND As a result of the increasing instances of identity theft, the United States Congress passed the Fair and Accurate Credit
TITLE XVIII: IDENTITY THEFT PREVENTION PROGRAM
River Bend Identity Theft Program 1 TITLE XVIII: IDENTITY THEFT PREVENTION PROGRAM Chapter 18.01. IDENTITY THEFT PREVENTION PROGRAM 2 Identity Theft Prevention Program SECTION Chapter 18.01: IDENTITY THEFT
USF System & Preventing Identity Fraud
POLICY USF System USF USFSP USFSM Number: 0-109 Subject: Identity Theft Program Procedures and Protocol Responsible Office: Business and Finance Date of Origin: 1-11-11 Date Last Amended: Date Last Reviewed:
State Of Florida's Real Estate Law
Office of the President University Policy SUBJECT: IDENTITY THEFT PREVENTION PROGRAM Effective Date: 6-17-09 Policy Number: 5.6 Supersedes: Page Of New 1 7 Responsible Authority: Senior Vice President,
City of Hercules Hercules Municipal Utility Identity Theft Prevention Program
City of Hercules Hercules Municipal Utility Identity Theft Prevention Program Purpose The purpose of the program is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate
IDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM Implemented October 2009 Page 1 Table of Contents Background... 3 Purpose... 3 Definitions... 3 Pretext Calling... 4 Receiving Telephone Calls... 5 Change of Address...
IDENTITY THEFT PREVENTION PROGRAM
LEGAL REQUIREMENTS Section 114 of the Federal Trade Commission s Fair and Accurate Credit Transactions Act of 2003 created the Red Flags Rule. This regulation requires the College to have an Identity Theft
Identity Theft Prevention Policy
Eastern Kentucky University Policy and Regulation Library 6.#.#P Volume 6, Volume Title: Financial Affairs Chapter #, Chapter Title Section #, Name: Identity Theft Prevention Policy Approval Authority:
Policy: 208 Subject: Identity Theft Prevention Program Approved for Board Action: December 22, 2009 Dates Amended:
Policy: 208 Subject: Identity Theft Prevention Program Approved for Board Action: December 22, 2009 Dates Amended: I. PROGRAM ADOPTION Hawkeye REC ("REC") developed this Identity Theft Prevention Program
Ouachita Baptist University. Identity Theft Policy and Program
Ouachita Baptist University Identity Theft Policy and Program Under the Federal Trade Commission s Red Flags Rule, Ouachita Baptist University is required to establish an Identity Theft Prevention Program
UNIVERSITY OF MASSACHUSETTS IDENTITY THEFT PREVENTION PROGRAM
Doc. T08-109 Passed by the BoT 12/11/08 UNIVERSITY OF MASSACHUSETTS IDENTITY THEFT PREVENTION PROGRAM The Board recognizes that some activities of the University are subject to the provisions of the Fair
Covered Areas: Those EVMS departments that have activities with Covered Accounts.
I. POLICY Eastern Virginia Medical School (EVMS) establishes the following identity theft program ( Program ) to detect, identify, and mitigate identity theft in its Covered Accounts in accordance with
Identity Theft Prevention Program Derived from the FTC Red Flags Rule requirements
Identity Theft Prevention Program Derived from the FTC Red Flags Rule requirements 1.0 Introduction In 2003, Congress enacted the Fair and Accurate Credit Transactions Act of 2003, 15 U.S.C. Section 1681,
NEVADA SYSTEM OF HIGHER EDUCATION PROCEDURES AND GUIDELINES MANUAL CHAPTER 13 IDENTITY THEFT PREVENTION PROGRAM (RED FLAG RULES)
NEVADA SYSTEM OF HIGHER EDUCATION PROCEDURES AND GUIDELINES MANUAL CHAPTER 13 IDENTITY THEFT PREVENTION PROGRAM (RED FLAG RULES) Section 1. NSHE... 2 Section 2. UNR... 4 Section 3. WNC... 9 Chapter 13,
IDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM I. PROGRAM PURPOSE AND DEFINITIONS A. Purpose The YOSKOVICH FUNERAL HOME ("Funeral Home") developed this Identity Theft Prevention Program ("Program") pursuant to the
Delta Township Compiled Policy Manual
Delta Township Compiled Policy Manual Title: Delta Township Identity Theft Policy Adoption Date: October 20, 2008 Revision Date: General Purpose: To establish an Identity Theft Prevention Program designed
3344-19-01 Identity theft prevention program and red flag compliance policy.
3344-19-01 Identity theft prevention program and red flag compliance policy. (A) Program adoption Cleveland state university has developed this identity theft prevention program ( program ) pursuant to
UNIVERSITY OF RICHMOND IDENTITY THEFT PREVENTION PROGRAM
UNIVERSITY OF RICHMOND IDENTITY THEFT PREVENTION PROGRAM I. Program Adoption. After consideration of the size and complexity of the University s operations and account systems, and the nature and scope
University of Dayton Red Flag ID Theft Prevention Program
University of Dayton Red Flag ID Theft Prevention Program I. Program Adoption The University of Dayton developed this Identity Theft Prevention Program ("Program") pursuant to the Federal Trade Commission's
Deer Park Independent School District. Identity Theft Policy and Board of Trustees Resolution
Deer Park Independent School District Identity Theft Policy and Board of Trustees Resolution Deer Park, Texas ORDINANCE AND RESOLUTION A RESOLUTION ADOPTING AN IDENTITY THEFT POLICY WHEREAS, The Fair and
[Institution or GPLS Name] Red Flag Rules - Identity Theft/Fraud Prevention Program. Effective beginning, 2009
[Institution or GPLS Name] Red Flag Rules - Identity Theft/Fraud Prevention Program Effective beginning, 2009 I. PROGRAM ADOPTION The [Institution or GPLS Name] developed this Identity Theft Prevention
Chatsworth Water Works Commission. Identity Theft Prevention Program. Effective beginning December 1, 2008
Chatsworth Water Works Commission Identity Theft Prevention Program Effective beginning December 1, 2008 I. PROGRAM ADOPTION The Chatsworth Water Works Commission ("Utility") developed this Identity Theft
University of Nebraska - Lincoln Identity Theft Prevention Program
I. Purpose & Scope This program was developed pursuant to the Federal Trade Commission s (FTC) Red Flag Rules promulgated pursuant to the Fair and Accurate Credit Transactions Act (the FACT Act). The University
Pacific University. Policy Governing. Identity Theft Prevention Program. Red Flag Guidelines. Approved June 10, 2009
Pacific University Policy Governing Identity Theft Prevention Program Red Flag Guidelines Approved June 10, 2009 Program adoption Pacific University developed this identity Theft Prevention Program ( Program
IDENTITY THEFT PROCEDURES
IDENTITY THEFT PROCEDURES FREQUENTLY ASKED QUESTIONS ABOUT IDENTITY THEFT INCIDENTS AND RED FLAGS Q1: How is a Red Flags incident different from a data security breach? A1: A data security breach is the
Travis County Water Control & Improvement District No. 17. Identity Theft Prevention Program. Effective beginning November 20, 2008
Travis County Water Control & Improvement District No. 17 Identity Theft Prevention Program Effective beginning November 20, 2008 I. PROGRAM ADOPTION The Travis County Water Control and Improvement District
CATAWBA COUNTY IDENTITY THEFT RED FLAGS POLICY
UI. PROGRAM ADOPTION CATAWBA COUNTY IDENTITY THEFT RED FLAGS POLICY Catawba County s Identity Theft Prevention Program ("Program") was developed to comply with the Federal Trade Commission's Red Flags
Identity Theft Policy Created: June 10, 2009 Author: Financial Services and Information Technology Services Version: 1.0
Identity Theft Policy Created: June 10, 2009 Author: Financial Services and Information Technology Services Version: 1.0 Scope: The risk to Loyola University Chicago and its faculty, staff and students
Identity Theft Prevention Program. Approved by the Arizona Board of Regents on May 1, 2009
Identity Theft Prevention Program Approved by the Arizona Board of Regents on May 1, 2009 I. Purpose & Scope This Program was developed pursuant to the Federal Trade Commission s ( FTC ) Red Flag Rules
University of St. Thomas. Identity Theft Prevention Program. (Red Flags Regulation Response)
University of St. Thomas Identity Theft Prevention Program (Red Flags Regulation Response) Revised: January 10, 2013 Program Adoption and Administration The University of St. Thomas ( University ) established
SIMMONS COLLEGE OFFICE OF THE GENERAL COUNSEL RED FLAG RULE POLICY. Background of the Federal Legislation Known as Red Flag Rule
SIMMONS COLLEGE OFFICE OF THE GENERAL COUNSEL RED FLAG RULE POLICY Background of the Federal Legislation Known as Red Flag Rule The Federal Trade Commission (FTC) has issued a regulation known as the Red
Identification of Red Flags, Detecting Red Flags, and Preventing and Mitigating Identity Theft
George Mason University Identity Theft Prevention Program - Procedures Revised September 30, 2012 Identification of, ing, and Preventing and Mitigating Identity Theft IDENTIFICATION OF COVERED ACCOUNT
IDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM In compliance with Part 681 of Title 16 of the Code of Federal Regulations implementing Sections 114 of the Fair and Accurate Credit Transactions Act of 2003 ("FACTA"),
City of Caro Identity Theft Prevention Policy
City of Caro Identity Theft Prevention Policy Purpose The purpose of this policy is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection
Identity Theft Policy
Identity Theft Policy Policy/Procedure Section 1: Background The risk to Dickinson College (the College ), its employees and students from data loss and identity theft is of significant concern to the
Facts About FACTA Red Flag Identity Theft Prevention Program
FACTA Red Flag Identity Theft Prevention Program FACTA Red Flag Policy Program, page 1 of 6 Contents Overview 3 Definition of Terms 3 Covered Accounts..3 List of Red Flags 3 Suspicious Documents...4 Suspicious
IDENTITY THEFT AND MUNICIPAL UTILITIES
Minnesota Municipal Utilities Association IDENTITY THEFT AND MUNICIPAL UTILITIES Identity Theft and Red Flags Rule requirements The Red Flags Rule implements portions of the Fair and Accurate Credit Transactions
ADRIAN COLLEGE IDENTITY THEFT POLICY
ADRIAN COLLEGE IDENTITY THEFT POLICY Adrian College s Identity Theft Prevention Program I. Program Adoption The Vice President of Business Affairs has developed this Identity Theft Prevention Program (
Approved by the Audit Committee of the Board of Trustees, effective February 3, 2009.
Red Flag Identity Theft Policy 1.) Policy and Program Rationale: Messiah College ( College ) has developed the Identity Theft Policy ( Policy) and Prevention Program ( Program ) pursuant to the Federal
DOYLESTOWN FAMILY MEDICINE, P.C. IDENTITY THEFT PREVENTION PROGRAM TEMPLATE ADOPTED AND EFFECTIVE: APRIL 15, 2009 UPDATED:
DOYLESTOWN FAMILY MEDICINE, P.C. IDENTITY THEFT PREVENTION PROGRAM TEMPLATE ADOPTED AND EFFECTIVE: APRIL 15, 2009 UPDATED: I. Adoption of Identity Theft Prevention Program Doylestown Family Medicine, P.C.
Red Flag Rules Information and Training
Red Flag Rules Information and Training What are Red Flag Rules? The Red Flag Rules: - Are enforced by the Federal Trade Commission (FTC), the federal bank regulatory agencies, and the National Credit
CITY OF ANDREWS IDENTITY THEFT PREVENTION PROGRAM
CITY OF ANDREWS IDENTITY THEFT PREVENTION PROGRAM Approved: February 26, 2010 Reviewed: March 18, 2015 I. PROGRAM ADOPTION The City of Andrews ( Utility ) developed this Identity Theft Prevention ( Program
COUNCIL POLICY NO. C-13
COUNCIL POLICY NO. C-13 TITLE: POLICY: Identity Theft Prevention Program See attachment. REFERENCE: Salem City Council Finance Committee Report dated November 7, 2011, Agenda Item No. 3 (a) Supplants Administrative
OLYMPIC COLLEGE POLICY
OLYMPIC COLLEGE POLICY TITLE: Identity Theft Prevention Policy POLICY NUMBER: OCP 200-18 The risk of data loss and identity theft to the college, its employees, students and applicants is a significant
University Identity Theft and Detection Program (NEW) All Campuses and All Service Providers Subject to the Red Flags Rule
NUMBER: BUSF 4.12 SECTION: SUBJECT: Finance and Planning University Identity Theft and Detection Program (NEW) DATE: March 3, 2011 Policy for: Procedure for: Authorized by: Issued by: All Campuses and
RANDOLPH COUNTY PUBLIC WORKS. Identity Theft Prevention Program. Adopted September 1, 2009 Effective beginning September 1, 2009
RANDOLPH COUNTY PUBLIC WORKS Identity Theft Prevention Program Adopted September 1, 2009 Effective beginning September 1, 2009 I. PROGRAM ADOPTION The Randolph County Public Works Department ( the Department
Springfield Technical Community College Identity Theft Prevention Program
Springfield Technical Community College Identity Theft Prevention Program PROGRAM ADOPTION Springfield Technical Community College ( College ) developed this Identity Theft Prevention Program ( Program
Minnesota State University, Mankato
Minnesota State University, Mankato Identity Theft Prevention Program (Updated July 2009) BACKGROUND Red Flag Overview, Summary of Law and Regulation: The Federal Trade Commission (FTC), the federal bank