FTC Defers Identity Theft Rule Programme
19 November 2012
On April 30, the United Sates Federal Trade Commission (FTC) deferred enforcement of its Red Flags Rule – which will require many businesses to develop and implement a written identity theft programme – from May 1 to August 1.
According to lawyers at McGuire Woods in Chicago and Charlotte, the FTC delayed implementation of the programme in order “to give creditors and financial institutions more time to develop and implement written identity theft prevention programs.”
The Red Flags Rule, so-named because it is designed to detect the warnings signs (or “red flags”) of identity theft and to prevent and mitigate it, is broad and not limited to any specific business sector, McGuire Woods lawyers say. “Quite the contrary, it is directed to not just financial companies, but also many other types of businesses such as telecommunications, utility, auto, retail and healthcare companies - including hospitals and physician practices,” they say. “The steps for compliance will vary on the size and nature of the business, as well as existing data protection policies, but failure to comply may result in civil monetary penalties.”
McGuire Woods lawyers told Asia IP it is important to note that the rule is not being revised or amended in any way.
