In order to safeguard identifying information and to comply with the requirements of the Federal Trade Commission's Red Flags Rule, the College has developed a Program that is designed to meet the requirements of the Rule by identifying, preventing, and mitigating identity theft.
Purpose/Reason for Policy:
Guilford College developed this identity Theft Prevention Program pursuant to the Federal Trade Commission's Red Flags Rule, which implements Section 114 and 315 of the Fair Credit Transactions Act of 2003. The Red Flags Rule requires creditors who have entered into business arrangements that meet the definition of “covered account” to establish an identity theft prevention program. This Program is designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the Identity Theft Prevention Program.
Scope/Covered Persons:
This Policy applies to all employees, students, volunteers and agents who are involved in handling information that can be used to identify a specific person in connection with certain accounts maintained by Guilford College.
Definitions:
- Identity theft: fraud committed or attempted using the identifying information of another person without authority.
- Creditor: any natural person, corporation or other entity that regularly, and in the ordinary course of business advances funds to or on behalf of a person based on an obligation to repay the funds or repayable from specific property pledged by the person.
- Covered account: an account that a creditor offers or maintains primarily for personal, family, or household purposes that involves or is designed to permit multiple payments or transactions. Examples of covered accounts include certain types of loan payments and refunds, deferred tuition payments and tuition payment programs as outlined in the Identity Theft Prevention Program.
- Identifying information: any name or number that may be used, alone or in conjunction with any other information, to identify a specific person including: name, address, telephone number, social security number, date of birth, driver’s license or identification number, alien registration number, passport number, employer or taxpayer identification number.
- Program Administrator: The Vice President of Administration and Finance or his designee.
- Red flag: a pattern, practice or specific activity that indicates the possible existence of identity theft.
The Policy:
Guilford College is a “creditor” under the Rule and is therefore required to establish an Identity Theft Prevention Program. Accordingly, Guilford College will:
- Identify relevant red flags (patterns, practices, or specific activities that could indicate
Theft) and incorporate them into the program; - Detect red flags that are part of the program;
- Respond appropriately to any red flags that are detected; and
- Update the program periodically to address changing risks.
Roles and Responsibilities:
The Vice President for Finance and Administration will be responsible for developing, implementing and updating this Program. This includes:
- ensuring appropriate training of College’s staff on the Program,
- reviewing any staff reports regarding the detection of Red Flags and the steps for preventing and mitigating Identity theft,
- determining which steps of prevention and mitigation should be taken in particular circumstances and,
- considering periodic changes to the Program.
Compliance: Failure to comply with this policy may result in disciplinary action up to and including termination of employment.
Other related Policies, Regulations, Statutes and Documents: Protection of Social Security Numbers
Procedures: See “Identity Theft Prevention Program”
Approval Authority: The Guilford College Board of Trustees
Responsible Office:
Len Sippell
Vice President of Administration and Finance
Bauman 105B
336-316-2841
sippellc@guilford.edu
Revision History:
Approved by the Audit Committee of the Board of Trustees on April 30, 2009