Red Flags Rule: How Do I Create A Red Flags Rule Program?
by Chelsea Camper | Last Updated December 30, 2015Creating a Red Flags Rule Program isn’t as hard as it may sound at first, but it can be narrowed down to 2 basic concepts:
- Find the warning signs of identity theft
- Have an effective way of dealing with the warning signs to try to prevent the theft of identity
The Red Flags Rule states that you must include these
4 basic elements in your program:
- Reasonable policies and procedures to watch out for the “Red Flags” (warnings) of identity theft
- The program must be be designed to detect these “Red Flags”
- Procedures must spell out the appropriate actions to take when a “Red Flag” is detected
- The Procedures must also address how to keep the policies and procedures up to date
While the FTC does have a Red Flags Rule Template for Low Risk Businesses, you are free to design your program to correlate with your standing data security system. Your data security system protects current information while the Red Flags Rule program is on the look out for fraud.
There are 5 common Red Flags of Identity Theft that you should be on the look out for:
- False alerts, notifications, and warnings from credit reporting companies
- Suspicious documents
- Suspicious personal identification information
- Suspicious account activity
- Notices from other sources
The method of how your Red Flags Rule Program works is flexible as long as it meets the core requirements above.
Check out the rest of Burris’ Red Flags Rule Series.
Have you started on your Red Flags Rule Program?
Image: tuchodi
