Business Office Provides Annual Notification of Red Flags Rule

Editor’s note: The University of St. Thomas is required to provide this annual notice by a means that is reasonably likely to inform those who are impacted by the Red Flags Rule.

The Federal Trade Commission (FTC) has mandated a Red Flags Rule, and the university is required to be compliant. An Identity Theft Prevention Program was established at the university in response to this ruling. Enforced by the FTC, the program is designed to include four basic elements that create a framework to address the threat of identity theft.

  1. The program  must include reasonable policies and procedures to identify the red flags of identity theft that may surface in day-to-day operations.
  2. The program must be designed to facilitate the detection of red flags identified at UST.
  3. The program must include the appropriate actions that departments will take if a red flag is detected.
  4. Because identity theft is an ever-changing threat, UST must address how the program will be periodically re-evaluated to take on new risks from this crime.

Each department at UST has unique identifiers, or red flags, which identify that theft may have occurred and that management's assistance is needed to educate those who report to them of the Red Flags Rule and program at the university. Training mechanisms are in place to educate the university community, and managers should direct those deemed appropriate within their departments or divisions to review the information provided in the links below. These websites contain information about the program, a brief training PowerPoint presentation, and other information about the Red Flags Ruling.

More information is available on the FTC’s Red Flags Rule website; a review of the Identity Theft Prevention Program (Red Flags Regulation Response) at the University of St. Thomas is available on the Business Office’s Red Flags site.