[teknoids] Red Flags Rule :: Delayed ::
elmer at teknoids.net
Sat May 2 13:26:39 EDT 2009
The FTC has pushed back enforcement of the rule 3 months, until August
Seems like they're hoping Congress will step up and more narrowly
define what a creditor is for the purpose of the rule.
Just say I always a good follow up.
On Fri, Apr 24, 2009 at 10:31 AM, Elmer Masters <elmer at teknoids.net> wrote:
> Well this is interesting. Not sure if it really applies to
> Universities, but hey what do I know:) What Greg is referring to is
> the FTC's "Red Flags Rule". They have a website at
> http://www.ftc.gov/bcp/edu/microsites/redflagsrule/index.shtml with
> the fuzzy details. The intent of the rule really seems to be that it
> "seeks to prevent identity theft by ensuring that your business or
> organization is on the lookout for the signs that a crook is using
> someone else’s information, typically to get products or services from
> you with no intention of paying." (pg7 of "Fighting Fraud with the Red
> Flags Rule: A How-To Guide for Business"
> http://www.ftc.gov/bcp/edu/pubs/business/idtheft/bus23.pdf). In a
> nutshell you may need policies in place to make sure someone doesn't
> pay for law school using a stolen identity.
> FWIW, the question is/will be whether or not educational institutions
> are considered "creditors" under the rule. This search
> http://www.google.com/search?q=ftc+red+flag+rules+university reveals
> that a number of universities have already adopted policies addressing
> the rule.
> web guy at teknoids.net
> On Thu, Apr 23, 2009 at 7:31 PM, Greg Mathes <gmathes at pacific.edu> wrote:
>> in consideration of updated FTC regulations. Apparently, the original scope
>> of these FTC regulation changes was thought to be limited to financial
>> institutions, but is now being generally considered to include anyone that
>> offers any form or deferred payment. As we understand it, the new
>> requirements that go into effect on May 1 include:
>> Identifying categories of protected information
>> Identifying categories of anyone that you share this data
>> Detailing any procedures that allow updating of your constituents personal
>> Detailing your method of notifying individuals when their information has
>> been updated
>> Inventorying and assessing risk of all systems that contain “protected
>> Maintaining an active committee of group that investigates any changes made
>> to “red flag” areas, for possible security holes
>> Have others had this issue lobbed over their transom recently? If so, do
>> you have any written policies that you could share?
>> Many thanks,
>> Greg Mathes, Chief Technology Officer
>> University of the Pacific, McGeorge School of Law
>> 3200 5th Ave. Sacramento, CA 95817
>> (Office) 916-739-7224
>> (Fax) 916-739-7388
>> You are currently subscribed to teknoids as: elmer at teknoids.net.
>> To unsubscribe send a blank email to teknoids-leave at ruckus.law.cornell.edu
>> See the web interface at
>> http://ruckus.law.cornell.edu/mailman/listinfo/teknoids to get your list
>> password, unsubscribe, and view your list settings.
More information about the Teknoids