Tag Archives: Red Flags Rule

FTC Publishes Identity Theft Program Template for Low-Risk Entities

Posted on June 8, 2009 by Hunton & Williams LLP

On May 13, 2009, the Federal Trade Commission ("FTC") published a compliance template designed to assist financial institutions and creditors "at low risk for identity theft " in developing the Identity Theft Prevention Program required by the FTC’s Identity Theft Red Flags and Address Discrepancies Rule (the "Rule"). The template is entitled "A Do-It-Yourself Prevention Program for Businesses and Organizations at Low Risk for Identity Theft."

Tags: Compliance, Federal Trade Commission, Red Flags Rule

FTC Delays Enforcement of the Red Flags Rule until August 1, 2009

Posted on May 1, 2009 by Hunton & Williams LLP

At the eleventh hour, the Federal Trade Commission announced that it will once again delay enforcement of the Red Flags Rule. The Red Flags Rule was promulgated pursuant to the Fair and Accurate Credit Transactions Act of 2003 ("FACTA"). The previous compliance date was May 1, 2009, which was an extension from the original deadline of November 1, 2008. The new extension applies only to the provisions of the Rule requiring financial institutions and creditors to implement an identity theft prevention program. The continuing enforcement delays respond to ongoing uncertainty about the Rule’s intended scope. In announcing this latest delay, the FTC cited "the ongoing debate about whether Congress wrote this provision [of FACTA] too broadly" and stated that extending the compliance deadline would "allow industries and associations to share guidance with their members . . . and give Congress time to consider the issue further." On March 20, 2009, the FTC published the Red Flags Rule Compliance Guide to assist organizations that must comply with the Red Flags Rule. The FTC stated in its news release yesterday that it will attempt to address some of the concerns regarding compliance with the Rule by publishing an identity theft prevention program template for low risk entities. The FTC’s news release is available here.

Tags: Compliance, FACTA, Federal Trade Commission, Red Flags Rule

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Posted on April 3, 2009 by Hunton & Williams LLP

On March 20, 2009, the Federal Trade Commission (“FTC”) published its long-awaited guide to the Red Flags Rule (the “Rule”), entitled “Fighting Fraud with Red Flags Rule: A How-To Guide for Business.” The guide applies to creditors and certain financial institutions (such as state-chartered credit unions and mutual funds that offer accounts with check-writing privileges) that are subject to the FTC’s jurisdiction and addresses the provision of the Rule that requires implementation of an Identity Theft Prevention Program. For entities subject to the FTC’s jurisdiction, the relevant compliance deadline is May 1, 2009. Financial institutions that are regulated by federal bank regulatory agencies or the National Credit Union Administration (which issues their own versions of the Red Flags Rule) were required to comply with the Rule as of November 1, 2008.

Tags: Compliance, Federal Trade Commission, Red Flags Rule

FTC Issues Red Flags Guidance

Posted on March 27, 2009 by Hunton & Williams LLP

On March 20, 2009, the Federal Trade Commission published a Red Flags Rule compliance guide for businesses, entitled “Fighting Fraud with the Red Flags Rule.” The guide offers an overview of the Rule and practical steps businesses need to take to comply. In addition, the guide addresses the issue that has raised the most concern among businesses — the Rule’s scope. As expected, the FTC is interpreting the Rule broadly, suggesting, for example, that any company that sells goods or services and bills customers later is a "creditor" subject to the Rule. According to the guide, “creditors” also may include retailers that merely “process” credit applications. Please visit our blog next week for a detailed analysis of the FTC’s guide. The guide is available here.

Tags: Federal Trade Commission, Red Flags Rule

Compliance Deadline Extended for Massachusetts Data Security Regulations

Posted on November 18, 2008 by Hunton & Williams LLP

Massachusetts recently announced that it is extending the deadline for compliance with new state data security regulations. In consideration of the current economic climate, Massachusetts has extended its original compliance deadline of January 1, 2009. The new compliance deadline will be phased in. By May 1, 2009, companies that are subject to the regulations must generally comply with the new standards and must contractually ensure the compliance of their third-party service providers. In addition, by May 1, 2009, covered businesses must encrypt laptops containing personal information. By January 1, 2010, companies are required to have a written certification of compliance from their third-party service providers and must encrypt other company portable devices, such as memory sticks and PDAs.

Tags: Massachusetts, Red Flags Rule

Privacy and Information Security Law Blog - Global privacy and information security law updates and analysis

Tag Archives: Red Flags Rule

FTC Publishes Identity Theft Program Template for Low-Risk Entities

FTC Delays Enforcement of the Red Flags Rule until August 1, 2009

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

FTC Issues Red Flags Guidance

Compliance Deadline Extended for Massachusetts Data Security Regulations

Published By Hunton & Williams

Search

Subscribe

Topics

Recent Updates

Blogroll

Privacy News