Academic Division, Medical Center, and College at Wise.
In response to the increasing nationwide incidence of identity theft, the Federal Trade Commission, along with the banking regulatory agencies, issued a so-called “Red Flags Rule” intended to protect consumers from this crime. “Red Flags” are circumstances that should cause creditors and financial institutions to suspect that identity thieves may be using the identifying information of others to commit fraud.
The University is committed to complying with federal regulations concerning the detection, prevention, and mitigation of identity theft. In accordance with the Fair and Accurate Credit Transaction Act (FACTA) of 2003 and the subsequent “Red Flags Rule” of 2007, the University is required to establish a comprehensive, coordinated, and University-wide approach for facilitating the detection, prevention, and mitigation of identity theft.
A consumer account or payment plan that involves multiple payments over time.
Any name or number that may be used, alone or in conjunction with any other information, to identify a specific person.
A fraud committed using the identifying information of another person.
In order to detect and stop identity thieves from using someone else’s identifying information at the University, an Identity Theft Prevention Program will be maintained. (This is distinct from data security which is covered under other University policies; see Related Information.) Identity theft is committed by using the identifying information of another person without his or her authority. Identifying information may include such things as a Social Security number, account number, date of birth, driver's license number, passport number, and other unique identification numbers or codes.
The Identity Theft Prevention Program describes the characteristics of identity theft and helps detect, prevent, and mitigate the effects of identity theft in order to protect individuals and the University from fraudulent transactions. This program coordinates, reviews, and oversees policies and procedures in order to:
The Executive Vice President and Chief Operating Officer, oversight executive for the program, delegates administration of the program to the Vice President and Chief Financial Officer and the Vice President and Chief Information Officer.
The Assistant Vice President for Finance and University Comptroller (Comptroller) has responsibility for:
Offices handling covered accounts must:
These areas include but are not limited to:
A complete list of offices with covered accounts and guidance information related to the Identity Theft Prevention Program is provided at the University’s Red Flags Rule Program. (Of note, it has been determined that payroll deductions for University parking, Intramurals, etc., are low-risk and therefore not included in the program.)
Compliance with Policy:
Failure to comply with the requirements of this policy may result in disciplinary action up to and including termination in accordance with relevant University policies.
Questions about this policy should be directed to the Office of the University Comptroller.
University’s Red Flags Rule Program
Identity Theft Red Flags
Documenting and Reporting Identity Theft