Capture the Red Flags: The FTC's Red Flag Rules for reducing fraud due to identity theft take effect on November 1. Here's what you need to do to make sure you comply

On November 1, many companies will be required to comply with new regulations issued by the Federal Trade Commission that are designed to reduce the risk of fraud through identity theft. The so-called Red Flag rules (formally known as Identity Theft Red Flags and Address Discrepancies) require compa...

Full description

Saved in:
Bibliographic Details
Published in:CIO 2009-10, Vol.23 (2)
Main Authors: Karlyn, Matt, Tantleff, Aaron, Dyer, Nick
Format: Article
Language:English
Subjects:
Chief information officers
Compliance
Data integrity
Employees
Fair & Accurate Credit Transactions Act 2003-US
Federal regulation
Identity theft
Information management
Legal counsel
Security management
Third party
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:On November 1, many companies will be required to comply with new regulations issued by the Federal Trade Commission that are designed to reduce the risk of fraud through identity theft. The so-called Red Flag rules (formally known as Identity Theft Red Flags and Address Discrepancies) require companies subject to the legislation-- essentially any company that issues invoices--to develop a written information security program to detect, prevent and mitigate identity theft in connection with certain types of accounts, including those which present a reasonably foreseeable risk to customers. The rules are intended to ensure companies can identify and respond to the warning signs of potential identity theft. This article presents guidelines to assist your company with compliance. They include: 1. Perform a risk assessment. 2. Define relevant red flags. 3. Detect and respond to red flags. 4. Insist on third party compliance.
ISSN:0894-9301