Call Today:
(480) 733-6800
Quick Contact Form
Your Full Name:
Phone:

Your Email:
Comments:
Character Limit: 150
(You've typed 0)
Practice Areas > Business & Commercial Transactions > Businesses, Are You Ready? - Red Flags Rule begins 11/1/09
 

Businesses, Are You Ready? - Red Flags Rule begins 11/1/09

 
 
By Alan K. Wittig, Esq., CITRIMS
 
Arizona has the dubious distinction of being the leader(per capita) in identity theft. As individuals this is, of course, a cause of concern. But as a business and business owner what does this mean?
 
In the July 19, 2009 edition of the Arizona Republic it was reported that the Federal Trade Commission(FTC) would require, as of August 1, 2009, businesses to have in writing identity theft preparedness policies. These policies also include many non-profit groups. However, the FTC again extended the deadline for enforcement of the Red Flags Rule to November 1, 2009.
 
The Red Flags Rule was authorized under the Fair and Accurate Credit Transactions Act or FACTA. Pursuant to this rule, every business that collects and/or stores information about others; such as names, addresses, credit card numbers, Social Security numbers, etc. are required to have in place written identity theft preparedness policies. At a minimum, the written policy must have:
 
·        One employee to coordinate the company’s information security program
·        Assess and identify risks to customer information in each area of the business’s operations
·        Develop and maintain a safeguards program to protect customer information and regularly test and monitor the program
·        Select and utilize service providers that maintain appropriate safeguards
·        Regularly evaluate the program and modify it based upon operations or results from the testing and monitoring of the program
 
Failure of a business to have these safeguards in place could mean fines up to $3500 per ID theft incident. This of course does not include the lawsuits filed by the consumer against the company. Security breaches affect businesses in other ways. In an article by Edward McNicholas, partner in the law firm Sidley Austin, published in the CIO (Chief Information Officer) magazine, he said 20% of your consumers will no longer do business with you, 40% will consider ending the business relationship and 5% will be hiring lawyers.
 
These are the main regulations to be implemented but are not all inclusive of the new requirements for business security. In short, you as a business and business owner cannot afford to be unprepared. And you certainly cannot afford to hope the FTC will extend the deadline again.
 
Alan K. Wittig is a graduate of Southern Illinois School of Law and is admitted to practice in Illinois and Arizona. He is also a Certified Identity Theft Risk Management Specialist. Currently he is an attorney with the PrePaid Legal Division of DavisMiles, PLLC.