Business Office provides annual notification of Red Flags Rule St. Thomas Newsroom October 27, 2009 Editor’s note: The University of St. Thomas is required to provide this annual notice by a means that is reasonably likely to inform those who are impacted by the Red Flags Rule, which goes into effect Nov. 1, 2009. The Division of Business Affairs announces the implementation of a written Identity Theft Program designed to detect the warning signs – “red flags” – of identity theft in the day-to-day operations of the university. According to Pam Peterson, business office director, this ruling and program implementation require the university to take steps to prevent the crime of identity theft, and to mitigate the damage it inflicts. The university established this Identity Theft Prevention Program in response to the Federal Trade Commission’s Red Flags Rule, and approval was required by the University of St. Thomas Board of Trustees. Enforced by the Federal Trade Commission (FTC) the program is designed to include four basic elements that create a framework to address the threat of identity theft. First, the program at UST must include reasonable policies and procedures to identify the “red flags” of identity theft that may surface in day-to-day operations. Second, the program must be designed to facilitate the detection of red flags identified at UST. Third, the program must include the appropriate actions that departments will take if a red flag is detected. Fourth, because identity theft is an ever-changing threat, UST must address how we will re-evaluate our Program periodically to take on new risks from this crime. According to Peterson, the program was drafted by a committee that will be responsible for the administration of the program going forward, including oversight, development, implementation, training and an annual review process. The committee has defined the required training mechanisms to inform and educate the university community with the assistance of the Department of Human Resources. Newly hired employees will be provided this information as a part of their orientation process, and current employees will have this information provided to them by their managers as warranted. For more information go to the FTC’s Red Flags Rule site, and for a review of the Identity Theft Prevention Program (Red Flags Regulation Response) at the University of St. Thomas go to the Business Office’s Red Flags site.