For The Motorcycle & Motorsport Industry

Who can be appointed as our Red Flags compliance officer?

Your Red Flags Program must be managed by either your Board of Directors or senior executive employees, and they can designate your Red Flags compliance officer. It is up to your Board of Directors or your senior executives to decide who they will appoint to be the company's compliance officer.

Is a written & Board-approved Red Flags Program required for all businesses?

Yes! Compliance is mandatory for all businesses that fall under any of the Red Flags compliance sections. It is necessary for your business to be fully Red Flags compliant by the May 1st, 2009 deadline.

What if we outsource our billing or other services? Who is responsible for the safety of the personally identifiable information?

Businesses will be held responsible for their Red Flags compliance and they must ensure their third-party service providers meet the same standards of data protection. This means that your business is ultimately responsible for complying with the Red Flags Rules and Guidelines even if it outsources an activity to a third-party service provider.

What is our responsibility to a customer's aged documents and records?

Every business is responsible for keeping personally identifiable information (PII) and records safe and protected for as long as they are required to keep them. The key to this question lies within the disposal process of the aged data. A business is responsible for the proper destruction and disposal of all PII of both their consumers and their staff and employees. Many forms of identity theft are committed using "low tech" means, which include "dumpster diving" and the theft or duplication of valuable personal data.

FACT:
Current trends in database breaches can be avoided or entirely eliminated in two simple steps,
neither of which involves the digital or electronic elements of your business!