FTC Extends Deadline for Identity Theft Red Flags Rule
June 15, 2010
The Federal Trade Commission (FTC) has issued yet another extension on enforcement of the identity theft Red Flags Rule until December 31, 2010. This additional delay will give members of Congress time to consider legislation that would affect the scope of entities covered by the rule. The Red Flags Rule requires creditors and financial institutions to address the risk of identity theft. Under the rule, entities that have "covered accounts" must develop and implement written identity theft prevent programs to help identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. The rule became effective on January 1, 2008, with full compliance originally required by November 1, 2008. Since then, the FCC has announced multiple delays in enforcement.
The latest delay comes as members of Congress requested more time to finalize legislation that would limit the scope of business covered by the rule. Although the FTC has granted several extensions, it would like Congress to act swiftly in passing legislation that resolves the question regarding which entities are covered by the rule. The FTC's press release provides more information.
NACUBO's Red Flags resource page provides links to documents and tools to help institutions develop an identity theft protection plan, including sample policies from colleges and universities and an FAQ from the FTC which explains its enforcement plan.
Vice President, Regulatory Affairs
- Comments on Form 1098-T Reporting Due Soon
- New ITIN Procedures For Certifying Acceptance Agents and International Students
- Higher Education Community Offers Comments on Web Accessibility Proposal
- ON-DEMAND: The CBO's Role in Diversity and Inclusion on Campus
- ON-DEMAND: The Clery Act: Strategic Planning to Mitigate Institutional Risk
- ON-DEMAND: Title IX: Key Issues Surrounding Institutional Compliance
- ON-DEMAND: NACUBO Live! Higher Education Accounting Forum
- ON-DEMAND: Responsibility Center Management: Two Different Perspectives