What is the “Red Flags Rule?”

Before looking at its impact on security controls, we need a thorough understanding of what the Red Flags Rule actually covers. According to an article posted at the American Hospital Association News site, the rule consists of three parts:

  1. Debit and credit card issuers must develop policies and procedures to assess the validity of a request for a change of address that is followed closely by a request for an additional or replacement card.
  2. Users of consumer reports must develop reasonable policies and procedures to respond to any notice of an address discrepancy they receive from a consumer reporting agency
  3. Financial institutions and creditors holding consumer or other “covered accounts” must develop and implement a written identity theft prevention program that covers both new and existing accounts.

Click here to read more

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: