The FTC recently extended the enforcement deadline for the Red Flags Rule until November 1, 2009. The Rule was originally scheduled to go into effect on November 1, 2008, but on Wednesday, July 29, 2009, the FTC announced that it was delaying enforcement for the third time because a number of industries and entities within the FTC's jurisdiction still expressed confusion and uncertainty about what types of entities would be subject to the Rule and what the Rule actually required of covered entities. To assist small businesses and other entities subject to the Rule, the FTC issued new resources and guidance and again extended the compliance deadline.

The FTC's Red Flags Web site, www.ftc.gov/redflagsrule, offers resources to help entities determine if they are covered and, if they are, how to comply with the Rule. It includes an online compliance template that enables companies to design their own Identity Theft Prevention Program through an easy-to-use form, as well as articles directed to specific businesses and industries, guidance manuals, and Frequently Asked Questions to help companies navigate the Rule.

For more information about the Red Flags Rule and how it might affect your business, please contact us with questions.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.