If you are unaware of the FTCs May 1st deadline, you have some last minute work to do.
A little history:
With all the large scale Data Breaches over the last several years the FTC has increased the parameters on privacy law compliance. In January of 2008 the Red Flags Rule was approved for addition to the Fair and Accurate Credit Transaction Act with a compliance date of November 1, 2008, for all businesses falling under the new guidelines. In October of 2008, the government decided to extend the compliance date under the realization that the majority of businesses in the compliance parameters were either unaware of the law completely or did not understand the language of the law and if or how it applied to them.
In laments terms:
If your business accepts credit cards, manages customer accounts, extends credit, or processes personal information in any other manner you should be taking steps toward implementing a written policy on protecting both your customers' and your employees' personal information and preventing a data breach.With this, ALL employees, regardless of position or status must undergo training on the new policy, with an identified "security officer" to oversee the compliance and effectiveness of the new policy, as well as manage adjustments as needed.
Here is a helpful video from the FTC.
Stacey Jimenez, Certified Identity Theft Risk Management Specialist
A little history:
With all the large scale Data Breaches over the last several years the FTC has increased the parameters on privacy law compliance. In January of 2008 the Red Flags Rule was approved for addition to the Fair and Accurate Credit Transaction Act with a compliance date of November 1, 2008, for all businesses falling under the new guidelines. In October of 2008, the government decided to extend the compliance date under the realization that the majority of businesses in the compliance parameters were either unaware of the law completely or did not understand the language of the law and if or how it applied to them.
In laments terms:
If your business accepts credit cards, manages customer accounts, extends credit, or processes personal information in any other manner you should be taking steps toward implementing a written policy on protecting both your customers' and your employees' personal information and preventing a data breach.With this, ALL employees, regardless of position or status must undergo training on the new policy, with an identified "security officer" to oversee the compliance and effectiveness of the new policy, as well as manage adjustments as needed.
Here is a helpful video from the FTC.
Stacey Jimenez, Certified Identity Theft Risk Management Specialist
By Stacey Jimenez at 7:03:35 Comments: 0
Leave a comment