Yesterday’s Advisor introduced the Red Flags Rules for preventing identity theft. Today, we learn more about red flags, and we introduce an up-coming webinar on how to protect your customers’ and employees’ identities.
Here are more typical red flags for identity theft. (Go here for the first three types of flags)
4. Suspicious Account Activity
Sometimes the tip-off is how the account is being used. Here are some red flags related to account activity:
- Soon after you’re notified of a change of address, you’re asked for new or additional credit cards, cell phones, etc., or to add users to the account.
- A new account that’s used in ways associated with fraud—for example, the customer doesn’t make the first payment, or makes only an initial payment or most of the available credit is used for cash advances or for jewelry, electronics, or other merchandise easily convertible to cash.
What’s really scary about identity theft? The #1 source of ID theft isn’t stolen wallets or hacked department store computers—it’s the workplace. Join us September 9 for an important BLR webinar, ID Theft in the Workplace: How to Protect Your Employees’ Information and Reduce Your Legal Risks.
5. Notice from Other Sources
Sometimes a red flag that an account has been opened or used fraudulently can come from a customer, a victim of identity theft, a law enforcement authority, or someone else.
Step Two—Detect Red Flags
Once you’ve identified the red flags of identity theft for your business, it’s time to lay out procedures for detecting them in your day-to-day operations.
New accounts. When verifying the identity of the person who is opening a new account, reasonable procedures may include getting a name, address, and identification number and, for in-person verification, checking a current government-issued identification card, like a driver’s license or passport.
Asking challenge questions based on information from other sources can be another way of verifying someone’s identity.
Existing accounts. To detect red flags for existing accounts, your program may include reasonable procedures to confirm that the person you’re dealing with really is your customer, or to confirm address changes.
Step Three—Prevent and Mitigate Identity Theft
When you spot a red flag, be prepared to respond appropriately. Remember, your response may need to accommodate other legal obligations—for example, laws for medical providers or utility companies regarding the provision and termination of service.
The guidelines in the Red Flags Rule offer examples of some appropriate responses, including:
- Monitoring a covered account for evidence of identity theft
- Contacting the customer
- Changing passwords or security codes
- Closing an existing account
Step Four—Update the Program
The Rule recognizes that new red flags emerge as technology changes or identity thieves change their tactics. Therefore, the FTC requires periodic updates to your program to ensure that it keeps current with identity theft risks.
How about your anti-identity theft program? Is your employees’ and customers’ trust in your data protection systems well-placed? If you are not sure, our editors recommend a new BLR webinar: ID Theft in the Workplace: How to Protect Your Employees’ Information and Reduce Your Legal Risks.
The date is September 9, 2009. The time, 1:30 p.m. to 3 p.m. (Eastern Time—adjust for your time zone).
You’ll learn how identity thieves operate, what they’re after, how to tell if they are attacking your data, and what to do about it. (We’ll also cover what to do if data should be released inadvertently.)
Hmmm, should have seen that coming–that is, going, as in private identity information. Join us September 9 for an important webinar on preventing identity theft in the workplace.
How Does a Webinar Work?
A webinar is remarkably cost-effective and convenient. You participate from your office, using a regular telephone and a computer with an Internet connection. You have no travel costs and no out-of-office time.
Plus, for one low price you can get as many people in your office to participate as you can fit around a speakerphone and a computer screen.
Because the conference is live, you can ask the speakers questions—about your specific issues—either on the phone or via e-mail.
As with all BLR webinars, your satisfaction is assured or you get a full refund.
Please join us September 9 for ID Theft in the Workplace: How to Protect Your Employees’ Information and Reduce Your Legal Risks.
Other Recent Articles on HR Policies and Procedures
Welch: ‘Work/Life Balance Is a Terrible Term’
Jack Welch: ‘HR, Get Out of the Picnic Business’
Write Fed-Friendly Job Descriptions
When Legal Behavior Boosts Employers’ Costs