With the upcoming start of the Husker Season, many people in Nebraska associate Red Flags with football. However, your business needs to know about the FTC Red Flags Rule, and what it means to your business. So, what on earth does this have to do with Identity Theft?
Small business owners: it’s time to pull your “proverbial” head out of the sand and let’s talk about the “Red Flags Rule”. On December 18, 2010 The Red Flags Rule went into effect. This legislation, buried in the FTC code, could have turned your company into a “Creditor”. A creditor – Per the FTC – is defined as a company that offers any kind of service and bills for it later. For example “Net” Terms qualify as offering credit per the Federal Trade Commission, even if there are no written agreements or interest associated.
Business that used to be done on a handshake basis now could land you in hot water with the FTC with a sizable fine to accompany the reprimand.
Red Flags vary per industry per company. It is your obligation and duty to define what constitutes a Flag for your business. Once defined, they must be written and implemented in procedures, operating manuals and handbooks. Similar to other compliance items, staff must be trained, and procedures accessible in case of a security breach.
The following steps have been outlined by the FTC in order to aid in compliance with the Rule:
1. Identify the relevant Red Flags (warnings) of identity theft you’re likely to come across in your business.
2. Detect Red Flags. Set up procedures to detect those red flags in your day-to-day operations.
3. Prevent and mitigate Identity Theft. If you spot the Red Flags you’ve identified, respond appropriately to prevent and mitigate the harm done.
4. Update your program. The risks of Identity Theft can change rapidly, so it’s important to keep your program current and educate your staff.
Creating a culture of security in your business in regards to data security and customer information breaches is paramount. When you decide to mitigate your risk and protect your employees, customers, and organization, we are able to help with a needs assessment.
For information on how you can protect your identity, please contact Kyle at 402) 405-0438 or Kyle.Dailey@SequrID.com or visit SequrID.com