Call Us Today!
(706) 724-7982 or
Request a Quote:
The Red Flags Rule and your Business Records
The Red Flags Rule, which provides a framework for preventing and detecting identity theft within businesses, was added to the Fair and Accurate Credit Transactions Act (FACTA) on January 1, 2011 by the Federal Trade Commission (FTC). It requires organizations to implement a written identity theft prevention program. As a result, financial institutions and creditors must be able identify, detect, and respond appropriately to warning signs of identity theft.
What Does This Mean For Your Business?
If your business utilizes consumer reports or reports to consumer reporting agencies, then you must have written policies and procedures for preventing, identifying and mitigating potential breaches of personal protected information. This includes combining data and information security measures with procedures for notifying law enforcement agencies as well as affected businesses and individuals. Businesses subject to the Red Flags Rule may include:
- auto dealers
- medical offices
- utility providers
- mortgage lenders
- credit unions
It’s recommended that you consult with your legal counsel for expert guidance on the specifics of a formal written plan; however in the meantime, there are several solutions that you may implement for the protection of sensitive documents and confidential computer data.
Records And Document Management
Even with the adoption of digital technology, paper records can still represent a considerable volume of a corporation’s information. However, storing and managing large volumes of documents and files in-house can not only end up being costly, but may also represent a potential security risk. Often, archival paper records containing personal data are easily compromised due to less than adequate storage solutions. Because finding the most available space in the least amount of time drives most storage decisions, organizations tend to look to in-house resources which may run the gamut from storage of files in unsecure, high access areas to the squirreling away of records in remote, unmonitored facilities.
Unfortunately, organizations that choose these options believe they best can manage and protect their retention. With either of these options, the likelihood of an undetected breach is high due to both lack of oversight and records and information management expertise. In short, archival records are best protected and managed throughout the retention lifecycle with an offsite storage solution that eliminates unauthorized access and facilitates a documented and tracked retrieval process.
Protecting Digital Data
It’s equally important that security measures are also put in place to protect your digital data. With the number of attacks on electronic data on the rise, a thorough review of your network security can help identify possible weaknesses that may lead to potential breach. Additionally, any electronic business documents should be encrypted, backed up on a regular basis and supported with a regular rotation schedule. An offsite media vaulting solution can provide your business with unparalleled safety as well as long term preservation for its digital media. While there are no criminal penalties for failure to comply with the Red Flags Rule, your organization may be subject to civil monetary penalties if a breach occurs so it’s best to take a thorough, proactive approach.
Records Management Center provides full service records and information management services for businesses through Augusta, Evans, Thomson, and Martinez, GA, and Aiken, SC and the Central Savannah River Area. To find out more, please contact us by phone or fill in the form on the page.