Red Flag Rules Effective June 1, 2010
The Red Flags Rule under the Fair and Accurate Credit Transaction Act of 2003 (FACTA) will require businesses to implement a written identity theft policy to protect their sensitive information from incidents of identity theft. Identity theft is a serious and growing crime. In 2008, $60 billion was lost and more than 35 million consumer records were exposed due to data breaches and identity theft, a 47% increase over 2007. As a result, more and more laws are being passed that require businesses to safeguard sensitive customer information.
Noncompliance can cost businesses thousands in terms of fines and penalties and can open them up to employee and client lawsuits. The Federal Trade Commission (FTC) has stated that many of the estimated 11 million businesses affected by the Red Flags Rule are unaware of the law and the impact on their business. Under the Rule, businesses and organizations that maintain consumer information for a business purpose or use credit reports, extend credit, or defer payments for goods and services (“creditors”) are also subject to the new identity theft law.
As such, the law affects businesses as diverse as health care, auto dealers, jewelers, equipment leasing, landlords, schools, and even home and yard cleaning services. Because of the broad scope of identity theft, few businesses will be able to escape the new requirements.
Who Needs It?
All businesses with one or more employees that maintain consumer information for a business purpose (i.e. credit cards, social security numbers, insurance information, etc.) are required to have a written policy protecting themselves against identity theft under the Red Flags Rule of FACTA.
Affected businesses and organizations have until June 1, 2010, to meet the new requirements mandated by the Federal Trade Commission (FTC). Implementing an information security policy at your businesses will help you avoid economic loss resulting from identity theft, as well as the potential loss of customers and market reputation.
Contact us about our Workplace Identity Theft Prevention Kit that is designed to aid companies who must comply with privacy laws aimed at combating identity theft. The Kit follows guidelines established and enforced by the FTC as well as other federal and state government guidelines on identity theft protection.
---------------------------------------------------------------------------------------------
Update Your Employee Bulletin Board Employers must display a new version of the EEO is the Law poster that explains employees' rights under the Genetic Information Nondiscrimination Act (GINA), which took effect in November, 2009. Find a link to a printable version of the poster at http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf
Department of Labor Refocuses on Enforcement
The U.S. Department of Labor has promised to “refocus the agency on its enforcement responsibilities.” It has added 250 new field investigators—a staff increase of more than a third—to look into employer noncompliance on pay and overtime issues. They have also increased their budget by $25 million to step up their “Misclassification Effort” that focuses on independent contractors vs. employee status. This comes after a report cited the DOL for weak response to complaints. For a free 8-Step Plan to prepare for a DOL audit, contact Leslie Philbrook. If your business needs our expertise help or advice, we are always there for you. You are always welcome to call our business consultants at (510) 235 1044. |
