I have read the Fair and Accurate Credit Transactions Act (FACTA). If you have any troubles with going to sleep, reading legislation will help! It is not very exciting or entertaining.
On the surface, it would seem this legislation is geared only towards financial institutions and creditors, such as Banks, Lenders, Auto Dealers, and Realtors for example. However, many businesses conduct credit checks or use, gather or obtain consumer information. Businesses store sensitive data on their employees, customers and vendors.
Take heed Business Owners... more than 50% of data breaches are internal, although not always intentional. The FTC will undoubtedly act against businesses that fail to adequately protect the information in their care. They, (the FTC), are taking this problem very seriously. The fines associated could potentially close the doors of a business, especially when combined with the civil lawsuits from the victims involved.
So Who Are THEY Anyway? The following agencies jointly issued the final rules and guidelines for implementing section 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003:
- OCC... Office of the Comptroller of the Currency
- Board... Board of Governors of the Federal Reserve System
- FDIC... Federal Deposit Insurance Corporation
- OTS... Office of Thrift Supervision
- NCUA... National Credit Union Administration
- FTC... Federal Trade Commission
Want to know how to add layers of protection regarding personal information that you are collecting? The Federal Trade Commission has "A Guide for Businesses". Go to
www.ftc.gov/infosecurity
I recommend going through the interactive tutorial.
Also, for help with the Red Flags Rule, go to www.ftc.gov/redflagsrule
This site includes an online compliance template that enables companies to design their own Identity Theft Prevention Program through an easy-to-do-form. There are articles directed to specific businesses and industries, guidance manuals and FAQ to help companies navigate through the Rule.
No comments:
Post a Comment