You are here:HomeIssuesInsurance Business Practices & Technical Information2009FTC "Red Flag" Rule Delayed Again, to November 1

FTC "Red Flag" Rule Delayed Again, to November 1

What are Red Flag rules? Red Flag Rules are to strengthen businesses' anti-ID theft compliance. More specifically, they require creating system responses that flag...
August 12, 2009

The date for implementation of the Federal Trade Commission's "Red Flag" rules has been pushed back to November 1, 2009.

What are Red Flag rules? Red Flag Rules are to strengthen businesses' anti-ID theft compliance. More specifically, they require creating system responses that flag the caretaker of databases when "unusual" access attempts or activity patterns arise in your data activities.

Do Red Flag rules apply to insurance? Insurance is not included - but there are some important gray areas in which it is possible that PIA member agencies could be expected to comply with the general business practice requirements of Red Flag. The PIA National Business Issues Committee has reviewed this issue at the request of PIA members and published a special update memo [PDF] discussing the new requirements and under what circumstances they might apply.

Additional Resources:

FTC "Red Flag" Guide

FTC Education for Business on "Red Flag" (updated 7/29/09)

PIA Privacy Tool Kit (PIA member login reqired)