Red Flag Rule
The Federal Trade Commission has defined Red Flag Rules for financial institutions and creditors. In 2008, the FTC updated the rules and expanded previous definitions of creditors to include any entity that offers credit to consumers. This includes many previous unaffected organizations such as hospitals and municipalities. The requirements are that organizations create an Identity Theft Prevention Program that is designed to prevent, detect, and mitigate identity theft in connection with new and existing accounts.
Requirements such as the Red Flag Rule guide organizations in their development and implementation of IT security practices. However, the alphabet soup can be confusing, and organizations can become unsure of how to achieve compliance or when standards compliance is compulsory and when it is optional. Applied Trust can help navigate these waters.
Let us bring a practical approach to your compliance effort. Call us at (303) 245-4545 or contact us online.