-
Research
and PublicationsStay -
Conferences
and EventsAnnual Conference
October 15–18, 2013
Register now!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
Stay -
Career
DevelopmentEDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
Stay -
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
Stay -
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
Stay -
About
EDUCAUSEUncommon Thinking for the Common Good™
EDUCAUSE is the foremost community of higher education IT leaders and professionals.
Stay
Subscribe
Filter by type
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
- ID Theft Red Flags [x]
- Cybersecurity Policy (30)
- Federal Policy and Law (30)
- Policy and Law (30)
- Federal Privacy Law (13)
- Identity Theft (11)
- Cybersecurity (9)
- Security Management (6)
- Identity and Access Management (4)
- Privacy (4)
- Campus Policy and Law (3)
- Information Technology Management and Leadership (3)
- Audit (2)
- Campus Policies (2)
- Data Security (2)
- Family Educational Rights and Privacy Act (FERPA) (2)
- Health Insurance Portability and Accountability Act (HIPAA) (2)
- Intellectual Property (2)
- P2P File Sharing (2)
- Privacy Policies (2)
On December 18, 2010, President Obama signed into law the Red Flag Program Clarification Act. The new law limits the circumstances in which creditors are covered by the Red Flags Rule. The FTC is revising the materials on its website to reflect the change in the law. The FTC also released a statement regarding the House and Senate passage of legislation clarifying the Red Flags Rule on December 8, 2010.
The FTC's Red Flags website offers resources to help entities determine if they are covered and, if they are, how to comply with the Rule. It includes an online compliance template that enables companies to design their own Identity Theft Prevention Program through an easy-to-do form, as well as articles directed to specific businesses and industries, guidance manuals, and Frequently Asked Questions to help companies navigate the Rule. EDUCAUSE also has sample campus policies and programs available on this page.
October 2008 Red Flags Webcast
Creating a Compliance Program for Identity Theft Rules
October 22, 2008 - Red Flags Webcast (Archived)
Speaker: Naomi Lefkovitz, Attorney, Division of Privacy and Identity Protection, Federal Trade Commission
Summary: New federal regulations to address identity theft go into effect November 1, 2008, and are likely to affect colleges and universities in nuanced ways. Compliance will require careful study and collaboration among business officers, human resources, legal counsel, student services, IT, and other affected campus units. The rules require users of consumer reports to develop reasonable policies and procedures to apply when they receive a notice of address discrepancy from a consumer reporting agency. They also require that institutions develop and implement an Identity Theft Prevention Program for combating identity theft in connection with new and existing accounts.
Who is subject to and must comply with the regulations on ID Theft Red Flags and Notices of Address Discrepancy? What business practices at colleges and universities are covered by the rules? What are some of the things that entities subject to the rules must do? What role does IT play in compliance with the rules? What are the penalties for failure to comply? This webcast will address these and many other questions, in addition to providing an online forum for community collaboration and sharing.
Powerpoint Slides:
References:
- FTC Announcement: "Agencies Issue Final Rules on Identity Theft Red Flags and Notices of Address Discrepancy"
- FTC Identity Theft website
- NACUA General Summary of FACTA
- NACUBO Bulletin: "FTC's Red Flag Rule Likely to Affect Colleges"
Sample Campus Policies for FTC "Red Flags" Rules
- Identity Theft Prevention Program -- Sample Policy (prepared by the Kentucky League of Cities)
- Indiana University Identity Theft Prevention Program
- Indiana University Policy on the Risks of Potential Identity Theft in the Use of Stored-Value and Payroll Deduct
- Kalamazoo College Identity Theft Prevention Program -- Sample Policy
- Model Identity Theft Policy and Adopting Resolution
- Sample Identity Theft Prevention Program
Updated February 2011
Library Items on this Topic
EDUCAUSE Library Items for ID Theft Red Flags
-
ID Theft Red Flags
-
ID Theft Red Flags True On December 18, 2010, President …
-
26 of 1: Compliance with the Red Flags Rule in Higher Education
-
April 16, 2013
|
A session at the Security Professionals Conference
Compliance with financial regulations in higher education, especially the Red Flags Rule, is as complex as it gets; it is a regulation with elusive requirements. Join two university privacy officer…
-
FTC Issues Amended Rule on Identity Theft “Red Flags”
-
December 19, 2012
The Federal Trade Commission (FTC) announced publication of an Interim Final Rule on identity theft “red flags” that narrows the circumstances under which creditors are covered by the Rul…
-
Legal and Compliance Issues
-
November 5, 2009
This unique, online-only session will discuss legal and compliance issues. This unique, online-only session will discuss legal and compliance issues. …
-
Ferreting Out Sensitive Data
-
March 10, 2009
|
A session at the NERCOMP Annual Conference 2009
FERPA, HIPAA, and red flag rules: we're swimming in an alphabet soup of federal regulations related to information privacy and prevention of identity theft. Learn how MIT approached the proble…
-
Sample Identity Theft Prevention Program
-
November 18, 2008
This is a sample template for a university Identity Theft Prevention Program. This is a sample template for a university Identity Theft Preventio…
-
Identity Theft Red Flags and Address Discrepancies under the Fair and Accurate Credit Transactions Act of 2003
-
October 15, 2007
The OCC, Board, FDIC, OTS, NCUA and FTC (the Agencies) are jointly issuing final rules and guidelines implementing section 114 of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act) …
-
Disposal of Consumer Report Information and Records
-
June 30, 2005
The Fair and Accurate Credit Transactions Act of 2003 ("FACT Act" or "Act") requires the Federal Reserve Board, Office of the Comptroller of the Currency, Federal Deposit Insu…
-
FACTA: What Is "Consumer Information"
-
October 24, 2007
Created by the FTC to reduce the risk of identity theft and consumer fraud, FACTA proposes to enforce the full destruction of consumer information by businesses. …
-
Year End Issuances by Federal Regulators Address a Multitude of Privacy Issues
-
January 23, 2008
The final weeks of 2007 saw a flurry of regulatory activity by the federal banking regulatory agencies and the Federal Trade Commission. These issuances, whether in the form of final rules and …

















