Ohio Admin. Code 3358:5-11-21 - Identity theft prevention program policy
Current through all regulations passed and filed through March 11, 2022
Promulgated Under: 111.15
Statutory Authority: 3358
Rule Amplifies: 3358
Prior Effective Dates: 4/3/09, 3/18/15
The following state regulations pages link to this page.
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
§ 3358:5-11-21. Identity theft prevention program policy
(A) Program adoption - Clark state community college developed this identity theft prevention program pursuant to the federal trade commission's red flags rule, which implements Section 114 of the Fair and Accurate Credit Transactions Act of 2003. After consideration of the size and complexity of the college's operations and account systems, and the nature and scope of the college's activities, the Clark state community college board of trustees determined that this program was appropriate for the college and therefore approved this program on March 17, 2009.
(1) Identity theft - a fraud committed or attempted using the identifying information of another person without authority.
(2) Red flag - a pattern, practice, or specific activity that indicates the possible existence of identity theft.
(3) Covered account - all accounts or loans that are administered by the college.
(4) Program administrator - the individual designated with primary responsibility for oversight of the program.
(5) Identifying information - any name or number that may be used, alone or in conjunction with any other information, to identify a specific person, including: name, address, telephone number, social security number, date of birth, government-issued driver's license or identification number, alien registration number, government passport number, employer or taxpayer identification number, personal identification number or computer internet protocol address, and bank routing code.
(C) Fulfilling requirements of the red flags rule - Under the red flags rule, the college is required to establish an identity theft prevention program tailored to its size, complexity and the nature of its operation. Each program must contain reasonable policies and procedures to:
(1) Identify relevant red flags for new and existing covered accounts and incorporate those red flags into the program.
(2) Detect red flags that have been incorporated into the program.
(3) Respond appropriately to any redflags that are detected to prevent and mitigate identity theft.
(4) Ensure the program is updated periodically to reflect changes in risks to students or to the safety and soundness of the student from identity theft.(Effective: 10/23/2015 Promulgated Under: 111.15 Statutory Authority: 3358 Rule Amplifies: 3358 Prior Effective Dates: 4/3/09, 3/18/15)