Will the new "Red Flag Rules" help curb data breaches & Identity theft?

| 3 Comments | No TrackBacks
Menacing headlines such as the recent Countrywide data theft continue to alarm and inform us to the ever growing presence of data theft.

With news of corporate data breaches hitting the papers every day it's clear criminals continue to find ingenious ways to skim, steal or hack whatever bits of information they can from large or small data bases or from our own rubbish, computer, wallet including the thing we most take for granted- our own identities!

The best defense -is great offense! The truth is, knowledge is power and when it comes to a data breach or identity theft -what you don't know can and will hurt you.

Business files contain a treasure trove of personal information for identity thieves; names,addresses,mothers' maiden names, insurance information, social security numbers, credit card and bank account information. This information is as good as gold to a potential thief. Employers may be being held liable for identity theft that occurs in the workplace and companies must be prepared to defend the procedures they've adopted to protect the personal data stored in their files.

Taking the necessary precautions to protect your data and your employees before a theft occurs, will go a long way towards minimizing the likelihood of identity theft, lessen the impact if one happens, and limit your liability when data breach occurs.

It's so crucial to educate employees on what they should be on the look out for, what they need to report and what steps they should take to secure data and avoid fraud. Employees who have access to sensitive information, should be given the tools they need to guard it. If you arm your employees with the appropriate resources and sufficient guidance and information, they can be your most valuable allies in preventing fraud-related losses.

The thing is, when it comes to identity theft or data breaches, the last thing any business wants to see is their name in the headlines! To help curb the long list of data breaches the Federal Trade Commission, the Federal Reserve, the National Credit Union Administration and other financial regulators in the United States are "phasing in" what they call the Red Flag Rules this year.

These rules mandate financial institutions and creditors set up and enforce written plans for identifying "red flag" transactions that could indicate identity theft or fraud. The law became effective January 1, 2008, and full compliance must be met by November 1 this year, which is not too far way. Here is a short summary;

 Red Flag Rules

The final rules require each financial institution and creditor that holds any consumer account, or other account for which there is a reasonably foreseeable risk of identity theft, to develop and implement an Identity Theft Prevention Program for combating identity theft in connection with new and existing accounts. The Program must include reasonable policies and procedures for detecting, preventing, and mitigating identity theft and enable a financial institution or creditor to:

1. Identify relevant patterns, practices, and specific forms of activity that are "red flags" signaling possible identity theft and incorporate those red flags into the Program;
2. Detect red flags that have been incorporated into the Program;

3. Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and
4. Ensure the Program is updated periodically to reflect changes in risks from identity theft.

The final rules also require credit and debit card issuers to develop policies and procedures to assess the validity of a request for a change of address that is followed closely by a request for an additional or replacement card. In addition, the final rules require users of consumer reports to develop reasonable policies and procedures to apply when they receive a notice of address discrepancy from a consumer reporting agency.

The agencies also issued guidelines to assist financial institutions and creditors in developing and implementing a Program, including a supplement that provides examples of red flags.

For more info see: FTC; Red Flag Rules

No TrackBacks

TrackBack URL: http://www.givemebackmycredit.com/cgi-bin/mt/mt-tb.cgi/251


Here is a link to an article over the new Red Flag rules - http://www.conetrix.com/articles/Identity-Theft-Red-Flags-the-readers-digest-version.aspx

In addition, here is a link further resources related to the new rules and guidelines - http://www.conetrix.com/Identity-Theft-Prevention-Program.aspx

Nice. A good blog!

Thanks Denise -important information and very helpful.
Sarah Donetti

Leave a comment

A memoir exposing the steep price consumers pay when facing mortgage servicing errors, inaccurate credit reporting, illegal debt collection practices, identity theft and weak consumer protection laws. THE BOOK » DENISE'S STORY »