Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FTC and Red Flag Rule

From: Allison Dolan <adolan () MIT EDU>
Date: Thu, 9 Oct 2008 08:01:34 -0400
I ran across this Red Flag template - although it is for a Utility,
it gave us a starting point.

URL http://lists.unc.edu/read/attachment/4814805/2/Identity+Theft
+Prevention+Program+Template.doc.


Allison F. Dolan
Program Director, Personally Identifiable Information
Massachusetts Institute of Technology
77 Massachusetts Ave  NE49-3021
Cambridge MA 02139-4307
Phone: (617) 252-1461
http://mit.edu/infoprotect



On Oct 8, 2008, at 3:23 PM, Anand Malwade wrote:



Hi,

Does anyone know if Educational Institutions are affected by the
FTC's Red flag rule about maintaining an Identity Theft program ?
If yes has anyone implemented or has a roadmap for deployment?
In my opinion if the rule is indeed applicable, the Institution's
Legal Counsel should drive the initiative and not IT.

Any suggestions are welcome.


http://www.dciginc.com/2008/08/ftc-issues-red-flag-rules-reminder-
ensuring-i.html

http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm



Thanks,
Anand



Anand Malwade, CISSP,CISM,CISA.
Information Security Officer,
Seton Hall University,
malwadan () shu edu
Previous By Date Next
Previous By Thread Next

Current thread: