{"id":985,"date":"2014-06-09T15:45:18","date_gmt":"2014-06-09T22:45:18","guid":{"rendered":"http:\/\/www.bellevuecollege.edu\/policies\/?page_id=985"},"modified":"2024-08-20T10:05:27","modified_gmt":"2024-08-20T17:05:27","slug":"id-7360p","status":"publish","type":"page","link":"https:\/\/www.bellevuecollege.edu\/policies\/id-7360p\/","title":{"rendered":"7360P Identity Theft Prevention (Procedures)"},"content":{"rendered":"<p>Original Date: 9\/8\/2009 * Last Revision Effective:\u00a010\/19\/2015<br \/>\nPolicy Contact: Vice President, Administrative Services<\/p>\n<h2>Purpose<\/h2>\n<p>The purpose for the following procedure is to implement BC policy <a title=\"7360 Identity Theft Prevention\" href=\"https:\/\/www.bellevuecollege.edu\/policies\/id-7360\/\">#7360: Identity Theft Prevention<\/a>, detect, prevent, and mitigate instances of identity theft, and to ensure compliance with the Federal Trade Commission\u2019s regulations commonly referred to as \u201cRed Flag Rules.\u201d<\/p>\n<h2>Definitions<\/h2>\n<p>A covered account is defined as any account which involves multiple payments or transactions or any other account the college offers or maintains for which there is a foreseeable identity theft risk, such as in payroll, human resources, cashiering, accounting, admissions , or financial aid functions.<\/p>\n<p>Sensitive information is defined as:<\/p>\n<ul>\n<li>Name<\/li>\n<li>Address<\/li>\n<li>Student or employee social security number<\/li>\n<li>Telephone number<\/li>\n<li>Credit card number and expiration date<\/li>\n<li>Amount of debt or earnings<\/li>\n<\/ul>\n<h2>Procedures<\/h2>\n<h3>Assessment of Risk<\/h3>\n<p>Each administrative area where covered accounts are maintained will review risk factors annually. How sensitive data is acquired, stored and accessed will be reviewed to determine where opportunities for identity theft could occur.<br \/>\nKey elements of determination of risk include but are not limited to:<\/p>\n<ul>\n<li>Is sensitive information kept secure at all times through the use of passwords and limited access for electronic data and the use of locking drawers and offices for hard copy data?<\/li>\n<li>Do all staff who access sensitive date receive regular appropriate training?<\/li>\n<li>Are identifying numbers (credit\/debit card numbers, social security numbers, college generated ID numbers, etc.) being protected to the greatest extent possible, being used only when necessary and with only the last four digits showing on receipts or other documents?<\/li>\n<li>Is access to sensitive data limited to only those with a need for the specific data?<\/li>\n<\/ul>\n<h3>Identify red flags<\/h3>\n<p>Each area will identify relevant patterns, practices, and specific forms of activity that are \u201cred flags\u201d signaling possible identity theft and incorporate training to identify those red flags into the program.<\/p>\n<p>Examples of red flags include but are not limited to:<\/p>\n<ul>\n<li>Suspicious or altered identification or documentation (such as driver\u2019s license, social security card, or credit card)<\/li>\n<li>Suspicious address change \u2013 official address of record is located in enrollment and registrar services or human resources offices<\/li>\n<li>A notice from a student or staff that they have been a victim of identity theft<\/li>\n<li>A notice from law enforcement or other authorities about the possibility of an identity theft<\/li>\n<li>Any type of security breach involving the theft of personal information<\/li>\n<\/ul>\n<h3>Prevention and detection of red flags<\/h3>\n<p>To prevent identity theft occurrences:<\/p>\n<ul>\n<li>Student covered accounts are carefully monitored by student services and cashier office staff<\/li>\n<li>Employee covered accounts are carefully monitored by human resources and payroll staff<\/li>\n<li>Appropriate identification is required before any consultation<\/li>\n<li>All account information on paper is secured in a locked, restricted location<\/li>\n<li>All electronic information is password protected following college guidelines and policies for all electronic security.<\/li>\n<\/ul>\n<h3>Respond appropriately to red flags<\/h3>\n<p>If a potentially fraudulent activity is detected, employee will investigate documentation and write a description of the situation and forward to the finance administrator or information resources administrator in the case of an electronic data security breach. If it is determined a fraudulent transaction has occurred actions may include:<\/p>\n<ul>\n<li>Contacting the account holder<\/li>\n<li>Notifying and cooperating with appropriate law enforcement<\/li>\n<li>Canceling the transaction<\/li>\n<li>Monitoring the account for unusual activity<\/li>\n<li>Notifying the state auditor\u2019s office<\/li>\n<\/ul>\n<h3>Periodic procedure update<\/h3>\n<p>These procedures will be evaluated annually and modified as needed to achieve maximum effectiveness.<\/p>\n<h2>Relevant Laws and Other Resources<\/h2>\n<ul>\n<li>Federal Trade Commission sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003<\/li>\n<li>BC policy #5000 Acceptable Use of BC Computers<\/li>\n<\/ul>\n<h2>Revision History<\/h2>\n<p>Original 9\/8\/2009<br \/>\nRevisions 9\/24\/2012; 11\/15\/2012; 10\/19\/2015<\/p>\n<h3>Approved By<\/h3>\n<p>President\u2019s Cabinet<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Date: 9\/8\/2009 * Last Revision Effective:\u00a010\/19\/2015 Policy Contact: Vice President, Administrative Services Purpose The purpose for the following procedure is to implement BC policy #7360: Identity Theft Prevention, detect, prevent, and mitigate instances of identity theft, and to ensure compliance with the Federal Trade Commission\u2019s regulations commonly referred to as \u201cRed Flag Rules.\u201d Definitions <a class=\"read-more\" href=\"https:\/\/www.bellevuecollege.edu\/policies\/id-7360p\/\">...more about 7360P Identity Theft Prevention (Procedures)<\/a><\/p>\n","protected":false},"author":187,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"class_list":["post-985","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/pages\/985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/users\/187"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/comments?post=985"}],"version-history":[{"count":4,"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/pages\/985\/revisions"}],"predecessor-version":[{"id":3880,"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/pages\/985\/revisions\/3880"}],"wp:attachment":[{"href":"https:\/\/www.bellevuecollege.edu\/policies\/wp-json\/wp\/v2\/media?parent=985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}