Here's a New Year's resolution to consider: Ensure compliance with the "Red Flags Rule" the Federal Trade Commission is set to begin enforcing on Friday, Dec. 31.
The rule requires financial institutions and creditors-in such diverse areas as auto, mortgage and wireless-to develop and implement identity theft prevention programs.
Tom Oscherwitz, chief privacy officer for consumer risk management specialist ID Analytics in San Diego, advises credit unions to "take the rules seriously."
"Companies are now accountable for identity theft that happens on their watch," he said. "Data security has gone beyond protecting against corporate vulnerabilities and now includes ensuring the identity security of consumers. Companies who fail to comply face penalties and other enforcement actions."
Oscherwitz recommends that financial institutions understand and resolve risks proactively by building a long-term Red Flag program that can evolve while taking into account the institution's individual profile and vulnerabilities.