County Identity Theft Prevention Program
|
|
- Cuthbert Arnold
- 3 years ago
- Views:
Transcription
1 INTRODUCTION CHAPTER OSCEOLA COUNTY IDENTITY THEFT PREVENTION PROGRAM The Osceola County Board of County Commissioners is committed to protecting consumers who do business with Osceola County, and as such establishes this Identity Theft Prevention Program to detect the warning signs or red-flags of identity theft in the County s day to day operations. PROGRAM Section 1 PURPOSE To establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the Program in compliance with the Fair and Accurate Credit Transactions Act (FACTA) of 2003, Part 681 of Title 16 of the Code of Federal Regulations implementing Sections 114 and 315 of the Fair and Accurate Credit Transactions Act (FACTA) of Section 2 DEFINITIONS A. Covered account is defined as a continuing relationship between a person and a creditor in which the creditor maintains or offers the account for the purchase of goods or services that involves or is designed to permit multiple payments or transactions. B. Credit means the right granted by a creditor to a debtor to defer payment of debt or to incur debts and defer its payment. C. Creditor means the County who regularly offers payment plans or allows customers to pay in installments where it extends, renews, or continues credit. D. Customer means a person that has a covered account with the County E. Identity theft means fraud committed or attempted using the identifying information of another person without authority. F. Red flag means a pattern, practice or specific activity that indicated the possible existence of identity theft. SECTION 3 PROGRAM ADMINISTRATION A. Osceola County Comptroller s Office shall be responsible for the development, implementation, oversight and continued administration of the Program. B. The Program shall train staff, as necessary to effectively implement the Program; and C. The Program shall exercise appropriate and effective oversight of service provider arrangements. 1
2 SECTION 4 APPLICABILITY This program shall be applicable to all customer accounts that are subject to the Red Flags Rule issued by the Federal Reserve System, the Federal Deposit Insurance Corporation, the Federal Trade Commission, the Office of the Comptroller of the Currency and the Office of Thrift Supervision. These accounts shall include any consumer account that the County defers payments for goods or services that allows multiple payments or transaction. Such accounts may include without limitation medical billing accounts. SECTION 5 IDENTIFYING RED FLAGS The following have been identified as Red Flags: A. Alerts, Notifications or Warnings from a Consumer Reporting Agency- Changes in a credit report or consumer credit activity that may signal identity theft. 1. A fraud or active duty alert is included with a consumer report. 2. A consumer reporting agency provides a notice of credit freeze in response to a request for a consumer report. 3. A consumer reporting agency provides a notice of address discrepancy. 4. A consumer report indicates a pattern of activity that is inconsistent with the history and usual pattern of activity of an applicant or customer, such as: a. A recent and significant increase in the volume of inquiries; b. An unusual number of recently established credit relationships; c. A material change in the use of credit, especially with respect to recently established credit relationships; or d. An account that was closed for cause or identified for abuse of account privileges by a financial institution or creditor. B. Suspicious Documents- Red Flags involving documents. 1. Documents provided for identification appear to have been altered or forged. 2. The photograph or physical description on the identification is not consistent with the appearance of the applicant or customer presenting the identification. 3. Information on the identification is not consistent with information provided by the person opening a new covered account or customer presenting the identification. 4. Information on the identification is not consistent with readily accessible information that is on file with the financial institution or creditor, such as a signature card or a recent check. 2
3 5. An application appears to have been altered or forged, or gives the appearance of having been destroyed and reassembled. C. Suspicious Personal Identifying Information- Red Flags involving identifying information. 1. Personal identifying information provided is inconsistent when compared against external information sources used by the County. For example: a. The address does not match any address in the consumer report; or b. The Social Security Number (SSN) has not been issued, or is listed on the Social Security Administration s Death Master File. 2. Personal identifying information provided by the customer is not consistent with other personal identifying information provided by the customer. For example, there is a lack of correlation between the SSN range and date of birth. 3. Personal identifying information provided is associated with known fraudulent activity as indicated by internal or third-party sources used by the financial institution or creditor. For example: a. The address on an application is the same as the address provided on a fraudulent application; or b. The phone number on an application is the same as the number provided on a fraudulent application. 4. Personal identifying information provided is of a type commonly associated with fraudulent activity as indicated by internal or third-party sources used by the financial institution or creditor. For example: a. The address on an application is fictitious, a mail drop, or a prison; or b. The phone number is invalid, or is associated with a pager or answering service. 5. The SSN provided is the same as that submitted by other persons opening an account or other customers. 6. The address or telephone number provided is the same as or similar to the account number or telephone number submitted by an unusually large number of other persons opening accounts or other customers. 7. The person opening the covered account or the customer fails to provide all required personal identifying information on an application or in response to notification that the application is incomplete. 8. Personal identifying information provided is not consistent with personal identifying information that is on file with the County. 3
4 9. For accounts that use challenge questions, the person opening the covered account or the customer cannot provide authenticating information beyond that which generally would be available from a wallet or consumer report. D. Unusual Use of, or Suspicious Activity Related to, the Covered Account- These are Red Flags associated with account activity 1. A covered account is used in a manner that is not consistent with established patterns of activity on the account. There is, for example: a. Nonpayment when there is no history of late or missed payments; b. A material change in telephone cell patterns in connection with a cellular phone account. 2. A covered account that has been inactive for a reasonably lengthy period of time is used (taking into consideration the type of account, the expected pattern of usage and other relevant factors). 3. Mail sent to the customer is returned repeatedly as undeliverable although transactions continue to be conducted in connection with the customer s covered account. 4. The County is notified that the customer is not receiving paper account statements. 5. The County is notified of unauthorized charges or transactions in connection with a customer s covered account. E. Notice from other Sources, Customers, Victims of Identity Theft, Law Enforcement Authorities, or Other Persons Regarding Possible Identity Theft in Connection With Covered Accounts Held by the Financial Institution or Creditor. The County is notified by a customer, a victim of identity theft, a law enforcement authority, or any other person that it has opened a fraudulent account for a person engaged in identity theft. SECTION 6 IDENTITY RESPONSE TO ATTEMPTED/SUSPECTED FRAUDULENT USE OF A. Internal Notification. Any County employee who becomes aware of a suspected or actual fraudulent use of a customer or potential customers identity must notify their department director or his/her designee. B. External Notification. Affected Individual The department director or his/her designee will notify the affected individual(s), if possible, of any actual identity theft. The following information will be included in the notice: C. General information about the incident; 1. The type of identifying information involved; 2. The telephone number that the person can call for further information and assistance. 3. Contact information for the Osceola County Sheriff Department. 4
5 4. Federal Trade Commission: (877) or 5. Credit Reporting Agencies: Place fraud alerts on your credit reports by contacting credit bureaus. 6. Equifax: (800) or 7. Experian (800) or 8. TransUnion (800) or D. Method of Contact: 1. Written notice, certified mail. 2. By telephone, provided the contact is made directly with the affected person and appropriately documented. E. Local Law Enforcement Notification The department director or his/her designee will notify the Osceola County Sheriff Office of any attempted or actual identity theft. SECTION 7 PERIODIC UPDATES TO THE PROGRAM The County Manager s designee will review the program at least annually, or after each and every attempt at identity theft. Any proposed changes will be presented to the Board of County Commissioners for approval. Section 8 REPORTING The County Manager s designee will report to the County Manager prior to May 31st of each year except no report is required the year that this program is adopted, on compliance with the Red Flags Rule. The report will include any material matters and issues regarding this program, such as: Initial implementation of the program; Employee training; Effectiveness of policies and procedures in addressing risk in how accounts are opened and maintained; Service provider (third party) arrangements; Significant incidents involving identity theft and management response; Recommendations for changes. Section 9 CUSTOMER PERSONAL IDENTIFICATION INFORMATION 5
6 A. Information Collected - Identifying information is defined as any name or number that may be used, alone or in conjunction with any other information, to identify a specific person. The following identifying information may be collected by the County. Name Physical and/or mailing address(es) Social Security Number Date of Birth Official State/government issued driver s license or identification number, Alien registration number Government passport number Employer or taxpayer identification number B. Personal identifying information is collected by: Presentation by customer at the office; Presentation at incident/facility locations; Telephone; Internet; and Mail. Any other methods of collection are not acceptable. SECTION 10 PHYSICAL SECURITY OF PERSONAL IDENTIFYING INFORMATION IS PROTECTED A. Papers, Documents & Files. All paper documents or files, as well as CDs, floppy disks, zip drives, tapes, and backups containing personal identifiable information will be stored in a locked file cabinet. 1. File cabinets containing personally identifiable information will be stored in locked room. 2. The Division Director of his/her designee will control keys to the file cabinet and room, make any copies of the keys, and distribute those keys only to employees with a legitimate need. 3. Files containing personal identifiable information are kept in locked file cabinets except when an employee is working on the file. 4. Employees will not to leave sensitive papers out on their desks when they are away from their workstations. 6
7 5. At the end of the day, employees put files away, log off their computers, and lock their file cabinets and office doors at the end of the day. 6. Access to offsite storage facilities is limited to employees with a legitimate business need. Access keys/codes will only be given to those employees. All employees who enter these facilities will document their visit. 7. Any sensitive information shipped using outside carriers or contractors will be encrypted and an inventory of the information being shipped will be kept. It will be shipped using an overnight shipping service that will allow tracking of the delivery of this information. B. Building Access 1. Visitors who must enter areas where sensitive files are kept must be escorted by an employee of the county. 2. No visitor will be given any entry codes or allowed unescorted access in areas where sensitive files are kept. Section 11 SECURITY OF ELECTRONIC RECORDS A. General Network Security 1. Sensitive consumer data will not be stored on any computer with an internet connection unless it s essential for conducting your business. 2. Sensitive information that is sent to third parties over public networks will be encrypted. 3. Sensitive information that is stored on the County s computer network or on disks or portable storage devices used by a County employee will be encrypted. 4. transmissions within the County will be encrypted if they contain personally identifying information. 5. Anti-virus and anti-spy ware programs will be run on individual computers and on servers on your network daily. 6. When credit card information or other sensitive financial data is received or transmitted, use Secure Sockets Layer (SSL) or another secure connection that protects the information in transit. B. Password Management 1. Access to sensitive information will be controlled using strong passwords. Employees will choose passwords with a mix of letters, numbers and characters. User name and passwords will be different. Passwords will be changed at least every 90 days. 2. Passwords will not be shared or posted near workstation. 3. Password-activated screen savers will be used to lock employee computers after a period of inactivity. 7
8 4. When installing new software, immediately change vendor-supplied default passwords to a more secure strong password. C. Laptop Security 1. The use of laptops is restricted to those employees who need them to perform their jobs. 2. Assess whether sensitive information really needs to be stored on a laptop. If not, delete it with a wiping program that overwrites data on the laptop. 3. Laptops are to be stored in secure place. 4. Laptop users will only have access to sensitive information, but not to store the information on their laptops. 5. Laptops which contain sensitive data will be encrypted and configured so that users cannot download any software or change the security settings without approval from the Information Technology Department. 6. All laptops will be configured with an auto-destroy function so that data on a computer that is reported stolen will be destroyed when the thief uses it to try to get on the internet. 7. Employees are never to leave a laptop visible in a car, at a hotel luggage stand, or packed in checked luggage unless directed to by airport security. 8. If a laptop must be left in a vehicle, it should be locked in a trunk D. Firewalls. The computer network will have a border firewall where your network connects to the internet with the fire wall settings being reviewed periodically. E. Wireless and Remote Access. Any wireless network in use shall be secured. F. Detecting Breaches. The Information Technology Department will: 1. use an intrusion detection system to detect network breaches when they occur; 2. maintain central log files of security-related information to monitor activity on County s network; 3. monitor incoming traffic for signs that someone is trying to hack in; 4. monitor outgoing traffic for signs of a data breach; and 5. implement a breach response plan. Section 12 EMPLOYEE TRAINING A. Copies of this program shall be made available to those who handle applicable accounts. B. The County shall have a procedure in place to check references or do a background check before hiring employees who will have access to sensitive data. 8
9 C. Access to customer s personal identify information is limited to employees with a need to know. D. The County shall have a procedure in place for making sure that workers who leave the County s employ or transfer to another department within the County will no longer have access to sensitive information. E. Employees will be alert to attempts at phone phishing. F. Employees are required to notify the department director or his/her designee immediately if there is a potential security breach, such as a lost or stolen laptop. G. Employees who violate security policy are subject to discipline, up to, and including termination. SECTION 13 DISPOSAL OF SENSITIVE INFORMATION A. Paper Records. Paper records that contain sensitive information will be shredded before being placed into the trash. B. Computers and Portable Storage Devices. When disposing of old computers and portable storage devices, use a Department of Defense-compliant disc wiping utility program. C. Any compact disc (CD or DVD) will be disposed of by shredding, punching holes in, or incineration. History 06/07/10, Res #10-075R,created un-numbered Chapter; 9
Identity Theft Prevention Program Compliance Model
September 29, 2008 State Rural Water Association Identity Theft Prevention Program Compliance Model Contact your State Rural Water Association www.nrwa.org Ed Thomas, Senior Environmental Engineer All
More informationDRAFT National Rural Water Association Identity Theft Program Model September 22, 2008
DRAFT National Rural Water Association Identity Theft Program Model September 22, 2008 This model has been designed to help water and wastewater utilities comply with the Federal Trade Commission s (FTC)
More informationAUBURN WATER SYSTEM. Identity Theft Prevention Program. Effective October 20, 2008
AUBURN WATER SYSTEM Identity Theft Prevention Program Effective October 20, 2008 I. PROGRAM ADOPTION Auburn Water System developed this Identity Theft Prevention Program ("Program") pursuant to the Federal
More informationSection 5 Identify Theft Red Flags and Address Discrepancy Procedures Index
Index Section 5.1 Purpose.... 2 Section 5.2 Definitions........2 Section 5.3 Validation Information.....2 Section 5.4 Procedures for Opening New Accounts....3 Section 5.5 Procedures for Existing Accounts...
More informationWholesale Broker Red Flag/Identity Theft Prevention Program Certification
Wholesale Broker Red Flag/Identity Theft Prevention Program Certification Federal regulations require that all financial institutions and their affiliates create an identity theft prevention program in
More informationTravis County Water Control & Improvement District No. 17. Identity Theft Prevention Program. Effective beginning November 20, 2008
Travis County Water Control & Improvement District No. 17 Identity Theft Prevention Program Effective beginning November 20, 2008 I. PROGRAM ADOPTION The Travis County Water Control and Improvement District
More informationCentral Oregon Community College. Identity Theft Prevention Program
Central Oregon Community College Identity Theft Prevention Program Effective beginning May 1, 2009 I. PROGRAM ADOPTION This program has been created to put COCC in compliance with Section 41.90 under the
More informationUniversity Identity Theft and Detection Program (NEW) All Campuses and All Service Providers Subject to the Red Flags Rule
NUMBER: BUSF 4.12 SECTION: SUBJECT: Finance and Planning University Identity Theft and Detection Program (NEW) DATE: March 3, 2011 Policy for: Procedure for: Authorized by: Issued by: All Campuses and
More informationCovered Areas: Those EVMS departments that have activities with Covered Accounts.
I. POLICY Eastern Virginia Medical School (EVMS) establishes the following identity theft program ( Program ) to detect, identify, and mitigate identity theft in its Covered Accounts in accordance with
More informationState Of Florida's Real Estate Law
Office of the President University Policy SUBJECT: IDENTITY THEFT PREVENTION PROGRAM Effective Date: 6-17-09 Policy Number: 5.6 Supersedes: Page Of New 1 7 Responsible Authority: Senior Vice President,
More informationAdministrative Procedure 5800 Prevention of Identity Theft in Student Financial Transactions
Reference: Fair and Accurate Credit Transactions Act, ( Pub. L. 108-159) The purpose of the Identity Theft Prevention Program (ITPP) is to control reasonably foreseeable risks to students from identity
More informationInteragency Guidelines on Identity Theft Detection, Prevention, and Mitigation
Guidelines to FTC Red Flag Rule(reformatted) Appendix A to Part 681 Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation Section 681.2 of this part requires each financial institution
More informationNORTHEAST COMMUNITY COLLEGE ADMINISTRATIVE PROCEDURE NUMBER: AP-3250.0 FOR POLICY NUMBER: BP 3250 IDENITY THEFT PREVENTION PROGRAM PROCEDURES
NORTHEAST COMMUNITY COLLEGE ADMINISTRATIVE PROCEDURE NUMBER: AP-3250.0 FOR POLICY NUMBER: BP 3250 IDENITY THEFT PREVENTION PROGRAM PROCEDURES 1. PROCEDURE SUMMARY STATMENT The purpose of this procedure
More informationIdentity Theft Prevention Program
The University of North Carolina at Chapel Hill Identity Theft Prevention Program The Board of Trustees of The University of North Carolina at Chapel Hill (the University ) adopts this Identity Theft Prevention
More informationCITY OF ANDREWS IDENTITY THEFT PREVENTION PROGRAM
CITY OF ANDREWS IDENTITY THEFT PREVENTION PROGRAM Approved: February 26, 2010 Reviewed: March 18, 2015 I. PROGRAM ADOPTION The City of Andrews ( Utility ) developed this Identity Theft Prevention ( Program
More informationFacts About the South Dakota Identity Theft Program
South Dakota Association of Rural Water Systems Identity Theft Prevention Program Compliance Model All utilities are required to comply with this regulation. The Red Flag Rule requires any entity where
More informationIdentity Theft Policy Created: June 10, 2009 Author: Financial Services and Information Technology Services Version: 1.0
Identity Theft Policy Created: June 10, 2009 Author: Financial Services and Information Technology Services Version: 1.0 Scope: The risk to Loyola University Chicago and its faculty, staff and students
More informationpolicy All terms used in this policy that are defined in 16 C.F.R. 681.2 shall have the same meaning provided in that section.
Name of Policy: Identity theft detection, prevention, and mitigation. Policy Number: 3364-15-12 Approving Officer: President Responsible Agent: Compliance Officer Scope: All University of Toledo Campuses
More informationIdentity Theft Prevention Program
Smyth County Policy Identity Theft Prevention Program Purpose The purpose of the program is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in
More informationCOUNTY OF SONOMA AND SONOMA COUNTY COMMUNITY DEVELOPMENT COMMISSION IDENTITY THEFT PREVENTION PROGRAM
COUNTY OF SONOMA AND SONOMA COUNTY COMMUNITY DEVELOPMENT COMMISSION IDENTITY THEFT PREVENTION PROGRAM In Accordance with the Fair and Accurate Credit Transactions Act of 2003 And 16 CFR 681.1 and 16 CFR
More informationCyber Self Assessment
Cyber Self Assessment According to Protecting Personal Information A Guide for Business 1 a sound data security plan is built on five key principles: 1. Take stock. Know what personal information you have
More informationUNIVERSITY OF MASSACHUSETTS IDENTITY THEFT PREVENTION PROGRAM
Doc. T08-109 Passed by the BoT 12/11/08 UNIVERSITY OF MASSACHUSETTS IDENTITY THEFT PREVENTION PROGRAM The Board recognizes that some activities of the University are subject to the provisions of the Fair
More informationUNION COUNTY S IDENTITY THEFT PREVENTION PROGRAM
UNION COUNTY S IDENTITY THEFT PREVENTION PROGRAM This program shall become effective November 1, 2008. Adopted this the 20 th day of October, 2008. I. PREFACE The purpose of this program is to detect,
More informationUniversity Policy: Identity Theft Prevention Policy
University Policy: Identity Theft Prevention Policy Policy Category: Ethics, Integrity and Legal Compliance Policies Subject: Detection, prevention and mitigation of identity theft Office Responsible for
More informationControl the Risk of Identity Theft
Control the Risk of Identity Theft Guidance for Your Business R NORTH AMERICAN EQUIPMENT DEALERS ASSOCIATION This information was compiled from Protecting Personal Information: A Guide for Business, a
More informationEXHIBIT A Identity Theft Protection Program. Definitions. For purposes of the Policy, the following definitions apply (1);
EXHIBIT A Identity Theft Protection Program Definitions. For purposes of the Policy, the following definitions apply (1); A. City means: the City of Troy, Montana B. Covered Account means: An account that
More informationDSU Identity Theft Prevention Policy No. DSU 802.7.001
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 IDENTITY THEFT PREVENTION DSU Policy No. 802.7.001 SOURCE: Fair and Accurate
More informationRESOLUTION TO ADOPT IDENTITY THEFT POLICY
RESOLUTION TO ADOPT IDENTITY THEFT POLICY WHEREAS, in late 2008 the Federal Trade Commission (FTC) and federal banking agencies issued a regulation known as the Red Flag Rule under sections 114 and 315
More informationIdentity Theft Policy
Identity Theft Policy Policy/Procedure Section 1: Background The risk to Dickinson College (the College ), its employees and students from data loss and identity theft is of significant concern to the
More informationIDENTITY THEFT PREVENTION PROGRAM COUNTY OF DUPLIN, NORTH CAROLINA
IDENTITY THEFT PREVENTION PROGRAM COUNTY OF DUPLIN, NORTH CAROLINA TO ESTABLISH AN IDENTIFY THEFT PREVENTION PROGRAM; TO COMPLY WITH FEDERAL REGULATIONS RELATING TO ADDRESS DISCREPANCIES; TO COMPLY WITH
More informationA Guide to Benedictine College and Identity Theft
IDENTITY THEFT PREVENTION PROGRAM The risk to Benedictine College, its employees and students from data loss and identity theft is of significant concern to the College and can be reduced only through
More informationDMACC IDENTITY THEFT- RED FLAGS PROCEDURES
DMACC IDENTITY THEFT- RED FLAGS PROCEDURES This document contains identity theft red flag procedures for Des Moines Area Community College. Section Topic Page 1.0 2.0 3.0 4.0 5.0 6.0 7.0 8.0 XX PURPOSE
More informationELKHORN RURAL PUBLIC POWER DISTRICT POLICY #1230. Identity Theft Prevention Policy
ELKHORN RURAL PUBLIC POWER DISTRICT 1230-1 I. POLICY SUMMARY POLICY #1230 Identity Theft Prevention Policy It shall be the policy of Elkhorn Rural Public Power District ( District ) to take all reasonable
More informationIdentity Theft Prevention Program
Identity Theft Prevention Program I. PROGRAM PURPOSE AND DEFINITIONS The purpose of this Identity Theft Prevention Program ( Program ) is to detect, prevent and mitigate identity theft in connection with
More informationMCPHS IDENTITY THEFT POLICY
SECTION 1: BACKGROUND MCPHS IDENTITY THEFT POLICY The risk to the College, its employees and students from data loss and identity theft is of significant concern to the College and can be reduced only
More informationRed Flag Identity Theft Financial Policy 1.10
Issued: 05/16/2014 Revised: Policy and College ( Seminary ) developed this Identity Theft Prevention Program ("Program") pursuant to the Federal Trade Commission's ( FTC ) Red Flags Rule, which implements
More informationRed Flags Identity Theft Training Program. Fall 2015
Red Flags Identity Theft Training Program Fall 2015 Background In 2003, U.S. Congress enacted the Fair and Accurate Credit Transactions Act of 2003 (FACTA). FACTA requires creditors to adopt policies and
More informationSOUTH TEXAS COLLEGE. Identity Theft Prevention Program and Guidelines. FTC Red Flags Rule
SOUTH TEXAS COLLEGE Identity Theft Prevention Program and Guidelines FTC Red Flags Rule Issued June 24, 2009 Table of Contents Section Section Description Page # 1 Section 1: Program Background and Purpose
More informationCalifornia State University, Chico. Identity Theft Prevention Red Flags Program
Identity Theft Prevention Red Flags Program Version 1.0 November 16, 2010 REVIEW/APPROVAL HISTORY Document Title: Author: Brooke F. Banks, Information Security Officer Date By Action Pages 10/30/2009 Bill
More informationWHEREAS the Federal Trade Commission regulations include utility companies in the definition of creditor;
CITY OF STATE OF GEORGIA ORDINANCE NO: AN ORDINANCE TO AMEND THE CODE OF ORDINANCES, CITY OF, GEORGIA TO PROVIDE A NEW ARTICLE, IDENTITY THEFT PREVENTION PROGRAM; TO COMPLY WITH FEDERAL REGULATIONS RELATING
More informationPOLICY: Identity Theft Red Flag Prevention
POLICY SUBJECT: POLICY: Identity Theft Red Flag Prevention It shall be the policy of the Cooperative to take all reasonable steps to identify, detect, and prevent the theft of its members personal information
More informationCHAPTER 99: IDENTITY THEFT PREVENTION PROGRAM
CHAPTER 99: IDENTITY THEFT PREVENTION PROGRAM Section 99.01 Objective 99.02 Scope 99.03 Definitions 99.04 Policy 99.05 Program Management and Accountability 99.06 Responsibility 99.07 Identity Theft Prevention
More informationPOLICY NO. 449 IDENTITY THEFT PREVENTION POLICY
POLICY NO. 449 IDENTITY THEFT PREVENTION POLICY I. POLICY SUMMARY It shall be the policy of Polk County Rural Public Power District (PCRPPD) to take all reasonable steps to identify, detect, and prevent
More informationNortheast Technology Center Board Policy 2110 Page 1 IDENTITY THEFT PREVENTION (MANY COVERED ACCOUNTS)
Page 1 IDENTITY THEFT PREVENTION (MANY COVERED ACCOUNTS) This Policy is adopted to ensure compliance with the Fair and Accurate Credit Transaction Act, 15 U.S.C. 1601 et seq. and the Federal Trade Commission
More informationWisconsin Rural Water Association Identity Theft Prevention Program Compliance Model
Wisconsin Rural Water Association Identity Theft Prevention Program Compliance Model All utilities are required to comply with this regulation. The Red Flag Rule requires any entity where there is a risk
More informationThese rules became effective August 1, 2009, and require certain agencies to implement an identity theft program and policy.
Red Flag Policy Protecting your privacy is of paramount importance at Missouri Southern State University, and we are dedicated to the responsible handling of your personal information. We are very committed
More informationTHE LUTHERAN UNIVERSITY ASSOCIATION, INC. d/b/a Valparaiso University IDENTITY THEFT PREVENTION PROGRAM
THE LUTHERAN UNIVERSITY ASSOCIATION, INC. d/b/a Valparaiso University IDENTITY THEFT PREVENTION PROGRAM SECTION 1: BACKGROUND The risk to Valparaiso University ("University"), its employees, students (in
More informationPolicies and Procedures: IDENTITY THEFT PREVENTION
Policies and Procedures: IDENTITY THEFT PREVENTION Section: Chapter: Policy: Compliance Administration Identity Theft Prevention I. PURPOSE The purpose of this policy is to protect patients and West Virginia
More informationIDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM In compliance with Part 681 of Title 16 of the Code of Federal Regulations implementing Sections 114 of the Fair and Accurate Credit Transactions Act of 2003 ("FACTA"),
More informationIdentity Theft Prevention Program Derived from the FTC Red Flags Rule requirements
Identity Theft Prevention Program Derived from the FTC Red Flags Rule requirements 1.0 Introduction In 2003, Congress enacted the Fair and Accurate Credit Transactions Act of 2003, 15 U.S.C. Section 1681,
More informationModel Identity Theft Policy and Adopting Resolution
Model Identity Theft Policy and Adopting Resolution, Tennessee RESOLUTION NO. A RESOLUTION ADOPTING AN IDENTITY THEFT POLICY WHEREAS, The Fair and Accurate Credit Transactions Act of 2003, an amendment
More informationCOUNCIL POLICY STATEMENT
COUNCIL POLICY STATEMENT Policy No. 44 General Subject: Finance Specific Subject: Identity Theft Policy and Prevention Program Date Approved: October 20, 2008 The following policy is to implement the requirements
More informationUniversity of St. Thomas. Identity Theft Prevention Program. (Red Flags Regulation Response)
University of St. Thomas Identity Theft Prevention Program (Red Flags Regulation Response) Revised: January 10, 2013 Program Adoption and Administration The University of St. Thomas ( University ) established
More informationCHAPTER 12 IDENTITY PROTECTION AND IDENTITY THEFT PREVENTION POLICIES
CHAPTER 12 IDENTITY PROTECTION AND IDENTITY THEFT PREVENTION POLICIES Section 1-12-1: Purpose 1-12-2: Definitions 1-12-3: Scope 1-12-4: Identity Protection Policy 1-12-5: Identity Theft Prevention Policy
More informationCITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY
CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY Policy Number: 2008-02 Date Adopted: October 27, 2008 Department: Administrative SUBJECT: IDENTITY THEFT PREVENTION PROGRAM I. OBJECTIVE: A. To protect
More informationUniversity of Nebraska - Lincoln Identity Theft Prevention Program
I. Purpose & Scope This program was developed pursuant to the Federal Trade Commission s (FTC) Red Flag Rules promulgated pursuant to the Fair and Accurate Credit Transactions Act (the FACT Act). The University
More informationCENTENARY COLLEGE POLICIES UNDER THE FAIR & ACCURATE CREDIT TRANSACTION ACT S RED FLAG RULES
(FACTA) April 30, 2009 Approved by: Audit Committee of the Board of Trustees CENTENARY COLLEGE POLICIES UNDER THE A RESOLUTION ADOPTING AN IDENTITY THEFT POLICE Centenary College ( College ) developed
More informationUniversity of Tennessee's Identity Theft Prevention Program
IDENTITY THEFT PREVENTION PROGRAM 1. BACKGROUND The University of Tennessee (UT) developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission s Red Flags Rule, Section 114
More informationCity of Hercules Hercules Municipal Utility Identity Theft Prevention Program
City of Hercules Hercules Municipal Utility Identity Theft Prevention Program Purpose The purpose of the program is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate
More informationBoard of Commissioners Policy. Town of Nags Head Identity Theft Protection Program. Adopted October 22, 2008
M. Renée Cahoon Mayor Anna D. Sadler Mayor Pro Tem Charlie Cameron Town Manager/ Public Safety Director Town of Nags Head Post Office Box 99 Nags Head, North Carolina 27959 Telephone 252-441-5508 Fax 252-441-0776
More informationRed Flag Rules and Aging Services: What You Need to Know
Red Flag Rules and Aging Services: What You Need to Know Late in 2007, six federal agencies, including the Federal Trade Commission ( FTC ), jointly issued final rules and accompanying guidelines to implement
More informationPROVISIONS IDENTITY THEFT RED FLAG FAQS
R E D F L A G PROVISIONS 2 0 0 9 IDENTITY THEFT RED FLAG FAQS Provided to you by P r e p a r e d b y Eduard Goodman, J.D.,LL.M. Chief Privacy Officer I d e n t i t y T h e f t 9 11, L L C FREQUENTLY ASKED
More information31-R-11 A RESOLUTION ADOPTING THE CITY OF EVANSTON IDENTITY PROTECTION POLICY. WHEREAS, The Fair and Accurate Credit Transactions Act of 2003,
5/23/2011 31-R-11 A RESOLUTION ADOPTING THE CITY OF EVANSTON IDENTITY PROTECTION POLICY WHEREAS, The Fair and Accurate Credit Transactions Act of 2003, Public Law 108-159, requires municipalities to promulgate
More informationIdentity Theft Prevention Program. Approved by the Arizona Board of Regents on May 1, 2009
Identity Theft Prevention Program Approved by the Arizona Board of Regents on May 1, 2009 I. Purpose & Scope This Program was developed pursuant to the Federal Trade Commission s ( FTC ) Red Flag Rules
More informationSpotting ID Theft Red Flags A Guide for FACTA Compliance. An IDology, Inc. Whitepaper
Spotting ID Theft Red Flags A Guide for FACTA Compliance An IDology, Inc. Whitepaper With a November 1 st deadline looming for financial companies and creditors to comply with Sections 114 and 315 of the
More informationUSF System & Preventing Identity Fraud
POLICY USF System USF USFSP USFSM Number: 0-109 Subject: Identity Theft Program Procedures and Protocol Responsible Office: Business and Finance Date of Origin: 1-11-11 Date Last Amended: Date Last Reviewed:
More informationFerris State University
Ferris State University BUSINESS POLICY TO: All Members of the University Community 2009:08 DATE: May 2009 I. BACKGROUND IDENTITY THEFT PREVENTION PROGRAM The risk to the University, and its students,
More informationIDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM I. PROGRAM PURPOSE AND DEFINITIONS A. Purpose The YOSKOVICH FUNERAL HOME ("Funeral Home") developed this Identity Theft Prevention Program ("Program") pursuant to the
More informationMOTLOW STATE COMMUNITY COLLEGE
Page 1 of 5 MOTLOW STATE COMMUNITY COLLEGE SUBJECT: FACTA Red Flag Rule and Identity Theft Prevention Program I. BACKGROUND In late 2007 the Federal Trade Commission (FTC) and Federal banking agencies
More informationIDENTITY THEFT PREVENTION
IDENTITY THEFT PREVENTION Policy Title: Identity Theft Prevention Program Policy Type: Administrative Policy Number: #41-07 (2014) Approval Date: 05/12/2015 Responsible Office: University Controller Responsible
More informationORDINANCE NUMBER 644 AN ORDINANCE ESTABLISHING THE TOWN OF YORKTOWN IDENTITY THEFT PREVENTION PROGRAM
ORDINANCE NUMBER 644 AN ORDINANCE ESTABLISHING THE TOWN OF YORKTOWN IDENTITY THEFT PREVENTION PROGRAM WHEREAS, the Federal Trade Commission, through 16 C.F.R. Part 681.1, adopted Identity Theft Rules requiring
More informationRANDOLPH COUNTY PUBLIC WORKS. Identity Theft Prevention Program. Adopted September 1, 2009 Effective beginning September 1, 2009
RANDOLPH COUNTY PUBLIC WORKS Identity Theft Prevention Program Adopted September 1, 2009 Effective beginning September 1, 2009 I. PROGRAM ADOPTION The Randolph County Public Works Department ( the Department
More informationDelta Township Compiled Policy Manual
Delta Township Compiled Policy Manual Title: Delta Township Identity Theft Policy Adoption Date: October 20, 2008 Revision Date: General Purpose: To establish an Identity Theft Prevention Program designed
More informationRESOLUTION NO. 2009-1
RESOLUTION NO. 2009-1 A RESOLUTION OF THE MAYOR AND COUNCI8L OF THE CITY OF ST. ANTHONY, IDAHO, ADOPTING AN IDENTY THEFT PREVENTION PROGRAM WHEREAS, Section 114 of the Fair and Accurate Transaction Act
More informationRADLEY ACURA RED FLAG IDENTITY THEFT PROTECTION PROGRAM and ADDRESS DISCREPANCY PROGRAM
RADLEY ACURA RED FLAG IDENTITY THEFT PROTECTION PROGRAM and ADDRESS DISCREPANCY PROGRAM SUMMARY OF OUR PROGRAM AND PROCESSES This dealership is committed to protecting its customers and itself from identity
More informationNEVADA SYSTEM OF HIGHER EDUCATION PROCEDURES AND GUIDELINES MANUAL CHAPTER 13 IDENTITY THEFT PREVENTION PROGRAM (RED FLAG RULES)
NEVADA SYSTEM OF HIGHER EDUCATION PROCEDURES AND GUIDELINES MANUAL CHAPTER 13 IDENTITY THEFT PREVENTION PROGRAM (RED FLAG RULES) Section 1. NSHE... 2 Section 2. UNR... 4 Section 3. WNC... 9 Chapter 13,
More informationidentity TheFT PREVENTION Programs and Response
IDENTITY THEFT PREVENTION PROGRAM This program is launched in response to the Federal Trade Commission Red Flag Rules and Address Discrepancy Rules in conjunction with the Fair and Accurate Credit Transaction
More informationUCLA Policy 313: Prevention of Identity Theft
UCLA Policy 313: Prevention of Identity Theft Issuing Officer: Executive Vice Chancellor and Provost Responsible Dept: Corporate Financial Services Effective Date: July 29, 2009 Supersedes: New I. REFERENCES
More informationIDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM Concordia Board of Regents May 2009 A Resolution Adopting the Identity Theft Prevention Program WHEREAS, The Federal Trade Commission, under Part 681 of Title 16 in the
More informationRANDOLPH COUNTY EMERGENCY SERVICES & TAX DEPARTMENT. Identity Theft Prevention Program. Adopted August 3, 2009 Effective beginning August 1, 2009
RANDOLPH COUNTY EMERGENCY SERVICES & TAX DEPARTMENT Identity Theft Prevention Program Adopted August 3, 2009 Effective beginning August 1, 2009 I. PROGRAM ADOPTION The Randolph County Emergency Services
More informationCOUNCIL POLICY NO. C-13
COUNCIL POLICY NO. C-13 TITLE: POLICY: Identity Theft Prevention Program See attachment. REFERENCE: Salem City Council Finance Committee Report dated November 7, 2011, Agenda Item No. 3 (a) Supplants Administrative
More informationidentity Theft Prevention and Identification Requirements For Utility
[Utility Name] Identity Theft Prevention Program Effective beginning, 2008 I. PROGRAM ADOPTION The [Utility Name] ("Utility") developed this Identity Theft Prevention Program ("Program") pursuant to the
More informationPacific University. Policy Governing. Identity Theft Prevention Program. Red Flag Guidelines. Approved June 10, 2009
Pacific University Policy Governing Identity Theft Prevention Program Red Flag Guidelines Approved June 10, 2009 Program adoption Pacific University developed this identity Theft Prevention Program ( Program
More informationBOWLING GREEN of#<~ City of Bowling Gree~;? Administrative Instruction No. 20
SECTION 1: BACKGROUND THE CITY OF BOWLING GREEN of#
More informationIDENTITY THEFT PREVENTION PROGRAM TRAINING MODULE February 2009
IDENTITY THEFT PREVENTION PROGRAM TRAINING MODULE February 2009 Table of Contents Introduction to the Training Module.. i I. Introduction. 1 II. Definitions. 3 III. Recognizing Identity Theft.. 6 IV. Identifying
More informationIDENTITY THEFT PREVENTION PROGRAM
IDENTITY THEFT PREVENTION PROGRAM Implemented October 2009 Page 1 Table of Contents Background... 3 Purpose... 3 Definitions... 3 Pretext Calling... 4 Receiving Telephone Calls... 5 Change of Address...
More informationThe University of North Carolina at Charlotte Identity Theft Prevention Program
The University of North Carolina at Charlotte Identity Theft Prevention Program Program Adoption As a best practice and using as a guide the Federal Trade Commission s ( FTC ) Red Flags Rule ( Rule ),
More informationDetecting, Preventing, and Mitigating Identity Theft
THE RED FLAGS RULE Detecting, Preventing, and Mitigating Identity Theft Training for Ball State University s Identity Theft Protection Program What is the Red Flag Rule? Congress passed the Fair and Accurate
More informationIDENTITY THEFT PREVENTION PROGRAM OVERVIEW
AUTOMOTIVE IDENTITY THEFT PREVENTION PROGRAM OVERVIEW What is the Red Flag Ruling? The Red Flag Ruling requires automotive dealerships to implement policies and procedures to prevent fraud due to identity
More informationI. Purpose. Definition. a. Identity Theft - a fraud committed or attempted using the identifying information of another person without authority.
Procedure 3.6: Rule (Identity Theft Prevention) Volume 3: Office of Business & Finance Managing Office: Office of Business & Finance Effective Date: December 2, 2014 I. Purpose In 2007, the Federal Trade
More informationIdentity Theft Prevention Policy. Effective Date: January 1, 2011. Policy Statement
Identity Theft Prevention Policy Effective Date: January 1, 2011 Policy Statement Identity Theft is a crime in which an individual wrongfully obtains and uses another person's personal data, usually for
More informationUniversity of Arkansas at Monticello Identity Theft Prevention Program
University of Arkansas at Monticello Identity Theft Prevention Program Overview The University Of Arkansas System Board Of Trustees adopted an Identity Theft Prevention Program (ITP) in compliance with
More informationRANDOLPH COUNTY HEALTH DEPARTMENT. Identity Theft Prevention Program. Adopted August 3, 2009 Effective beginning August 1, 2009
RANDOLPH COUNTY HEALTH DEPARTMENT Identity Theft Prevention Program Adopted August 3, 2009 Effective beginning August 1, 2009 I. PROGRAM ADOPTION The Randolph County Health Department ( the Department
More informationDOYLESTOWN FAMILY MEDICINE, P.C. IDENTITY THEFT PREVENTION PROGRAM TEMPLATE ADOPTED AND EFFECTIVE: APRIL 15, 2009 UPDATED:
DOYLESTOWN FAMILY MEDICINE, P.C. IDENTITY THEFT PREVENTION PROGRAM TEMPLATE ADOPTED AND EFFECTIVE: APRIL 15, 2009 UPDATED: I. Adoption of Identity Theft Prevention Program Doylestown Family Medicine, P.C.
More informationXavier University. Fair & Accurate Credit Transactions Act (Red Flags Rule) Policy and Procedures
Xavier University Fair & Accurate Credit Transactions Act (Red Flags Rule) Policy and Procedures Revised April 7, 2009 1 Identity Theft Policy IdentityTheft An identity can be stolen with nothing more
More informationUniversity of Dayton Red Flag ID Theft Prevention Program
University of Dayton Red Flag ID Theft Prevention Program I. Program Adoption The University of Dayton developed this Identity Theft Prevention Program ("Program") pursuant to the Federal Trade Commission's
More informationPROPOSED PROCEDURES FOR AN IDENTITY THEFT PROTECTION PROGRAM Setoff Debt Collection and GEAR Collection Programs
PROPOSED PROCEDURES FOR AN IDENTITY THEFT PROTECTION PROGRAM Setoff Debt Collection and GEAR Collection Programs The Identity Theft and Fraud Protection Act (Act No. 190) allows for the collection, use
More informationIdentity Theft Prevention Program
Identity Theft Prevention Program DATE: 10/22/2015 VERSION 2015-1.0 Abstract Purpose of this document is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity
More informationDeer Park Independent School District. Identity Theft Policy and Board of Trustees Resolution
Deer Park Independent School District Identity Theft Policy and Board of Trustees Resolution Deer Park, Texas ORDINANCE AND RESOLUTION A RESOLUTION ADOPTING AN IDENTITY THEFT POLICY WHEREAS, The Fair and
More information01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS)
01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS) Authority: Board of Trustees History: Effective May 1, 2009 (approved initially April 24, 2009) Source of Authority: Related Links: Responsible Office:
More information