It’s just been reported that the FTC has again delayed the enforcement of their identity theft Red Flags rule until the end of December 2010. If your unfamiliar with this legislation, it basically requires that certain businesses develop and implement written identity theft prevention programs to help identify “red flags” that might indicate identity theft. It’s primarily targeted at financial institutions and other creditors that maintain large amounts of sensitive consumer information such as Social Security and bank account numbers. Is this something your organization is having to comply with and if so, how has the delay affected your compliance plans?
For more information, check out the FTC’s page: www.ftc.gov/opa/2010/05/redflags.shtm