Data Security Regulations Red Flags Rule |
The Federal Trade Commission has extended the compliance with the Red Flags Rule for companies that are deemed to be "finance or credit companies." The compliance date now is August 1, 2009. Under the FTC regulations, companies that are deemed to be credit companies need to have a policy and program to monitor the activity in their accounts for possible identity theft. Please note, the FTC takes an expansive view of who is a credit company, defining the term as "any person who regularly extends, renews, or continues credit" - where "credit" is defined as "the right to defer payment of debt."
Should you need assistance in developing a security plan, or if you have other questions, please contact us. |