If you run a business in the United States, you know that there are many expectations that you are expected to meet when it comes to how you operate your business. From health and safety standards to operations standards, there are many pieces of legislation in place to ensure that consumers are given honest and quality products and services, and that businesses operate ethically.
One such piece of legislation is known as FACTA. Enacted in 2003, the main purpose of this law was to protect consumer information and improve the accuracy and accessibility of credit reports. From FACTA arose another prominent piece of legislation in the finance world known as the Red Flags Rule.
What is the Red Flags Rule?
The Red Flags Rule was crafted to help protect and monitor consumer credit information in the financial space. It is based on key sections of FACTA and sets out the requirements for certain financial organizations to create, implement and maintain a protocol and plan of action to spot and minimize risks of information and identity theft. The Red Flags Rule applies to two specific types of organizations:
- Financial institutions (banks, savings & loan associations, credit unions etc.)
- Creditors (any entity that regularly extends, continues or renews credit, or is involved in such activities)
Key Expectations
Under the Red Flags Rule, applicable organizations are expected to put together a program that works to spot and mitigate identity theft and makes efforts to minimize risks as they are spotted. The rule must be written, and it must be created to an appropriate scale depending on the size of the organization in question.
There are four objectives for these organizations to cover:
- Identify risks
- Detect risks
- Prevent and mitigate damages
- Update and maintain as needed
What You Can do to Minimize Your Risk of Becoming a Victim
For those that aren’t subject to the red flags rule, or who want to protect information outside of the financial sector, there are many other key legislations such as HIPAA and HITECH which service to enforce information protection provisions in other sectors.
There are some things you can do at home:
- Install anti-virus and anti-malware software on your device(s) to keep away malicious software that can steal data.
- Enact a day-to-day policy that can improve data security in your workplace. The clean desk policy is one such example.
Secure shredding services in Virginia
For over 20 years DDVA has been providing among the highest quality shredding services in the land. With a state-of-the-art fleet of shredding trucks, we are able to provide services on location, no matter where you may be located!
Whether you are looking for ongoing shredding services, or simply need a one-time purge service, our team is equipped and trained to help ensure that your documents and devices are disposed of safely, securely and responsibly.
Talk to us today to put together a solution that fits your needs and budget!