The North Carolina General Assembly in 2005 passed a bill entitled “Identity Theft Protection Act of 2005” and the law was amended in 2006. As you well know, identity theft is a growing and serious problem and it can be a problem for your business.
There are various parts to the State law which are important for you and your company to understand and comply with. Primarily, the law requires your company to have a written policy and training regarding the collection, safekeeping, storage and ultimate destruction of confidential and private personal identifying information. The primary purpose of the State law is to require businesses to offer common sense safeguards for the confidential information obtained by the business.
Is it important to have a written policy? Yes. The State law requires any company which collects personal identifying information on individuals (social security number, drivers license number, employer’s tax identification number, state identification number, passport information, bank account numbers, credit card number, debit card number, or PIN codes or passwords) to take certain actions.
The Federal law is already in place and becomes effective November 1, 2009. The Federal law will be monitored by the Federal Trade Commission (FTC). The Federal law is referred to as the “Red Flags” law. The Federal law also suggests that the policy be in writing as well.
We have had numerous clients inquire and request assistance in developing a written policy. We have assisted these clients and can assist and help you as well. We have developed a turn key policy which your company could adopt and put into place immediately.
If you or your company has not created a policy, please feel free to contact us for assistance.