Effective December 31, 2010, the Red Flags Rule requires organizations extending payment terms to customers and that have personal information on file to:
1-Create written “Program” that identifies where personal customer information is vulnerable to unauthorized access ro where the organization is vulnerable to ID Theft.
2-Institute precautions that address those ID Theft vulnerabilities and train employees to comply with those precautions.
3-Intervene, alert the authorities, or warn the potential victims when there is a threat of ID Theft.
4-Have the “Program” controlling ID Theft vulnerabilities signed by the Board of Directors or the company owners annually.
5-Require audits of data-related vendors with access to personal information of customers.
The Federal Trade Commission is in charge of enforcing the law and estimates that nearly 11 million organizations are legally required to comply. That is close to 40% of all US Businesses.
Shredding is among the most secure ways to ensure confidential paperwork is kept confidential. Businesses should strongly consider including regularly scheduled on-site shredding service in their Red Flags “Program”.
At HV Shred, we know our community of businesses has long been aware of following through on their fiduciary duties to properly dispose of confidential information and would like to help make that program even easier with on-site shredding. Check out www.hvshred.com for more information.