ARTICLE
20 October 2011

Red Flag Rule - Identity Theft Prevention Programs

MM
McLane Middleton, Professional Association

Contributor

Founded in 1919, McLane Middleton, Professional Association has been committed to serving their clients, community and colleagues for over 100 years.  They are one of New England’s premier full-service law firms with offices in Woburn and Boston, Massachusetts and Manchester, Concord and Portsmouth, New Hampshire. 
In early December 2010, a broad range of unsuspecting companies were required to comply with the Red Flags Rule and create an Identity Theft Prevention Program.
United States Criminal Law

Published in the Manchester Union Leader, January 2011.

(Published in the New Hampshire Business Review, January 2011)

In early December 2010, a broad range of unsuspecting companies were required to comply with the Red Flags Rule and create an Identity Theft Prevention Program. A week before Christmas, President Obama narrowed the reach of the Red Flags Rule and signed into law the "Red Flag Program Clarification Act of 2010."

The law limits the scope of the Red Flags Rule to creditors that regularly and in the ordinary course of business: (1) obtain or use consumer reports, directly or indirectly, in connection with a credit transaction; (2) furnish information to certain consumer reporting agencies in connection with a credit transaction; or (3) advance funds to or on behalf of a person, based on a person's obligation to repay the funds or on repayment from specific property pledged by or on the person's behalf. The revised definition of "creditor" excludes creditors "that advance funds on behalf of a person for expenses incidental to a service provided by the creditor to that person."

As discussed in last month's article, Moving Beyond Data Security: Identity Theft Prevention Program Required, Dan's small engine repair shop was the type of business to which the Red Flags Rule would apply. The exclusion in the new law likely applies to companies like Dan's. Currently, the FTC is revising its materials and may add more specific regulations for creditors that maintain accounts that are subject to a reasonably foreseeable risk of identity theft.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More