6-5 Identity Theft Prevention Program
Return to Identity Theft Prevention Program Table of Contents
Approved: Board of Supervisors
Authority: Board of Supervisors and Board of Directors, Community Development Commission
Revised Date: July 21, 2009
What’s on this Page
Section VIII. Updating the Program (Program Administration)
Section IX. Program Administration
VIII. Updating the Program (Program Administration)
The County Administrator’s Office (“CAO”) will annually review and update the Identity Theft Prevention Program along with any relevant red flags in order to reflect changes in risks to customers or to the safety and soundness of the County and its covered accounts from identity theft. In so doing, the CAO will consider the following factors and exercise its discretion in amending the program:
- The County’s and the SCCDC’s experiences with identity theft;
- Updates in methods of identity theft;
- Updates in customary methods used to detect, prevent, and mitigate identity theft;
- Updates in the types of accounts that the County and the SCCDC offer or maintain; and
- Updates in service provider arrangements.
IX. Program Administration
Senior Staff within the Stakeholder Departments (“Senior Staff”) are responsible for oversight of the Program and for Program implementation and will be responsible for preparing reports to the County Administrator’s Office related to compliance with the Program and recommendations for changes to the Program (“Program Reports”). The County Administrator’s Office will review Program Reports and will oversee the implementation of material changes to the Program, as necessary in the opinion of the County Administrator, to address changing identity theft risks and to identify new or discontinued types of covered accounts. Any recommended material changes to the program, as determined by the County Administrator, will be submitted to the Board of Supervisors and the Board of Commissioners of the SCCDC for acceptance.
- Senior Staff will report to the County Administrator at least annually, on compliance with the red flag requirements. The report will address material matters related to the Program and evaluate issues such as:
- The effectiveness of the policies and procedures of County and the SCCDC in addressing the risk of identity theft in connection with the opening of covered accounts and with respect to existing covered accounts;
- Service provider arrangements;
- Significant incidents involving identity theft and management’s response; and
- Recommendations for material changes to the Program.
- Senior Staff within each Stakeholder Department are responsible for providing training to all employees within the Stakeholder Department who are responsible for or involved in opening a new covered account, restoring an existing covered account or accepting payment for a covered account with respect to the implementation and requirements of the Identity Theft Prevention Program. The Senior Level Staff will exercise his or her discretion in determining the amount and substance of training necessary.