Red Flags Rule & Identity Theft
New Identity Theft Is In Effect!
If your business or non-profit organization regularly accepts deferred payment or provides goods and services and bills customers later you must design, put in writing and implement a formal identity-theft prevention program.
If you don't, you could face fines of up to $2,500 per ID-theft incident, not to mention the usual threats of lawsuits and reputational damage that sometimes result from a data breach.
The new rules don't apply to all businesses, but they will pertain to many that collect and store information about others — names, addresses, Social Security numbers, bank-account and credit-card numbers and so on — either because the firms defer payments themselves or bill customers later for goods or services.
In a statement, the FTC said that by identifying red flags in advance, businesses will be better equipped to spot suspicious patterns when they arise and take steps to prevent a red flag from becoming a costly case of identify theft.
Every program must include four procedures:
SAF has drafted a template of a sample policy that can be used as a guideline for business owners to create their own plans and avoid the cost of having a lawyer draft them. The document also provides examples of potential red flags and specific procedures for detecting red flags and responding to them.
Keywords: red flag, security, retail floral industry