Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: FTC and Red Flag Rule
From: Rodney Petersen <rpetersen () EDUCAUSE EDU>
Date: Wed, 8 Oct 2008 19:07:40 -0600

In addition to Valerie's announcement about the webcast, let me share a
few other brief items of information:
 
*The FTC is working on guidance for colleges and universities that we
hope is ready in time for the webcast; it will provide more specific
examples of how the Red Flags Rule and Notice of Address Discrepancies
provisions would apply in a higher ed setting
*We have compiled a number of resources (including some of the ones
already mentioned on this list today) in one website at
http://connect.educause.edu/term_view/ID+Theft+Red+Flags  
*Please note that the NACUBO resource also links to a 5 page version of
the applicable rules (which is much shorter than the entire Federal
Register version):
http://www.nacubo.org/documents/business_topics/FTC%20Red%20Flags%20RULE
.pdf
*I am working to get examples of "Written ID Theft Prevention Programs"
and "policies and procedures" as required by the rule that could serve
as examples for other institutions; we are also seeking examples from
other affected sectors; please let us know if your institution has
anything to share.
 
Please let me know if you have any further questions.
 
Thanks,
 
-Rodney

--------------------------------------------------
Rodney J. Petersen, J.D.
Government Relations Officer & Security Task Force Coordinator

EDUCAUSE
1150 18th Street, N.W., Suite 1010
Washington, D.C. 20036
(202) 331-5368 / (202) 872-4200
(202) 872-4318 (FAX)
EDUCAUSE/Internet2 Security Task Force
www.educause.edu/security <http://www.educause.edu/security> 
-------------------------------------------------- 

 

________________________________

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Basgen, Brian
Sent: Wednesday, October 08, 2008 4:47 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] FTC and Red Flag Rule



 

 We are also working on our approach. Here are some documents our
Finance folks have pulled together that are helping us better assess
applicability.

 

~~~~~~~~~~~~~~~~~~

Brian Basgen

Information Security

Pima Community College

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand Malwade
Sent: Wednesday, October 08, 2008 12:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] FTC and Red Flag Rule

 


Hi, 

Does anyone know if Educational Institutions are affected by the FTC's
Red flag rule about maintaining an Identity Theft program ? If yes has
anyone implemented or has a roadmap for deployment? 
In my opinion if the rule is indeed applicable, the Institution's Legal
Counsel should drive the initiative and not IT. 

Any suggestions are welcome. 


http://www.dciginc.com/2008/08/ftc-issues-red-flag-rules-reminder-ensuri
ng-i.html
<http://www.dciginc.com/2008/08/ftc-issues-red-flag-rules-reminder-ensur
ing-i.html>  

http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm
<http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm>  



Thanks, 
Anand 



Anand Malwade, CISSP,CISM,CISA.
Information Security Officer,
Seton Hall University,
malwadan () shu edu 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]