Because Red Clay accepts credit card payments and conducts credit checks on prospective customers, we are subject to the U.S. Securities and Exchange Commission’s (SEC) Identity Theft Red Flags rules (U.S. Securities and Exchange Commission, 2013) (U.S. Securities and Exchange Commission, 2013). We must follow the guidelines and conduct regular audits to determine how we can improve our posture in regards to protecting our customers from identity theft (PCI Security Standards Council, 2010).
Red Clay must develop, implement, administer and identity theft prevention program includes four basic elements:
(Fighting Identity Theft with the Red Flags Rule: A How-To Guide for Business, 2013)
Red flags for Red Clay renovations would include things such as false identification, credit report discrepancies, and any odd purchase requests. For example, our payment center discovers that a customer is trying to pay with a credit card that is not his or provides a social security number that is not his. According to the SEC’s Red Flag rule, we must incorporate policies and procedures to detect these flags, take steps to prevent identity theft as well as incorporating ways to thwart new threats. These policies should be understood by all employees and updated to counter new threats.
Red Clay is required to adopt a Red Flag Identity Theft policy by the SEC, but we should strive to follow and even exceed the recommendations to protect our customers data. It would be hard to do business with customers who are continually having their identities stolen and assets frozen. Following this policy will also increase the amount of trust our customers have in us securing their data and information and will provide avenues for repeat business.