Educause Security Discussion mailing list archives

Re: FTC and Red Flag Rule

From: "Smith, Bob" <smithrj () LONGWOOD EDU>
Date: Thu, 9 Oct 2008 12:08:52 -0400

Kevin,

I would be interested in this information.

Bob Smith
Information Security Officer
Longwood University


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Mclaughlin, Kevin (mclaugkl)
Sent: Wednesday, October 08, 2008 3:38 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] FTC and Red Flag Rule

Hi Anand:

We are affected, or at least that is what my treasurer, GC and myself believe based on our research into this.    I am 
currently going through the final set of red flag rules and trying to prepare a high level executive summary of what I 
think this means.  Of the 328 pages I have been able to drop it down to 120 and am hoping to get that to a document 
under 10 pages that is basically a  "this is what you should be doing" doc.

If interested in getting a copy of that document (probably be early next week before I am finished with it) just let me 
know.

-Kevin


Kevin L. McLaughlin
CISM, CISSP, GIAC-GSLC,PMP, ITIL Master Certified
Director, Information Security
University of Cincinnati
513-556-9177 (w)
513-703-3211 (m)
513-558-ISEC (department)


 [cid:image001.png@01C92A07.CBB3B6A0]


CONFIDENTIALITY NOTICE: This e-mail message and its content is confidential, intended solely for the addressee, and may 
be legally privileged. Access to this message and its content by any individual or entity other than those identified 
in this message is unauthorized. If you are not the intended recipient, any disclosure, copying or distribution of this 
e-mail may be unlawful. Any action taken or omitted due to the content of this message is prohibited and may be 
unlawful.


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand 
Malwade
Sent: Wednesday, October 08, 2008 3:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] FTC and Red Flag Rule


Hi,

Does anyone know if Educational Institutions are affected by the FTC's Red flag rule about maintaining an Identity 
Theft program ? If yes has anyone implemented or has a roadmap for deployment?
In my opinion if the rule is indeed applicable, the Institution's Legal Counsel should drive the initiative and not IT.

Any suggestions are welcome.


http://www.dciginc.com/2008/08/ftc-issues-red-flag-rules-reminder-ensuring-i.html

http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm



Thanks,
Anand



Anand Malwade, CISSP,CISM,CISA.
Information Security Officer,
Seton Hall University,
malwadan () shu edu

Current thread:

Re: FTC and Red Flag Rule, (continued)
- Re: FTC and Red Flag Rule Anand Malwade (Oct 08)
- Re: FTC and Red Flag Rule Sherry, Cathy (Oct 08)
- Re: FTC and Red Flag Rule Theresa Semmens (Oct 08)
- Re: FTC and Red Flag Rule Sewell, Michael K. (Oct 08)
- Re: FTC and Red Flag Rule Valerie Vogel (Oct 08)
- Re: FTC and Red Flag Rule Basgen, Brian (Oct 08)
- Re: FTC and Red Flag Rule Rodney Petersen (Oct 08)
- Re: FTC and Red Flag Rule Allison Dolan (Oct 09)
- Re: FTC and Red Flag Rule Matthew Clark (Oct 09)
- Re: FTC and Red Flag Rule Schattle, Donald (Oct 09)
- Re: FTC and Red Flag Rule Smith, Bob (Oct 09)
- Re: FTC and Red Flag Rule Robin Stubbs (Oct 09)
- Re: FTC and Red Flag Rule Valdis Kletnieks (Oct 09)
- Re: FTC and Red Flag Rule Roger Safian (Oct 09)
- Re: FTC and Red Flag Rule Foerst, Daniel P. (Oct 09)
- Re: FTC and Red Flag Rule HIME, ALLEN (Oct 09)
- Re: FTC and Red Flag Rule Adam Garside (Oct 09)
- Re: FTC and Red Flag Rule Ed Nila (Oct 10)
- Re: FTC and Red Flag Rule Allen Barrett (Oct 10)
- Re: FTC and Red Flag Rule Ahmed S Ahmed (Oct 10)
- Re: FTC and Red Flag Rule Michael Natale (Oct 10)

(Thread continues...)