Red Flag Proposal

CERM “Red Flags” Program Overview

Red Flags Rules Training & Policy Implementation
These items have been specifically designed by our company to facilitate compliance with the new ID Theft Laws.

Federal and State agencies are not looking for perfect solutions of how your institution is protecting data; they are looking for“reasonable” measures that you have taken to protect consumer and employee data. Very simply, we provide the following:

Risk Assessment

  • We will review current policies and procedures and visit with management of each department to identify potential risks from an Identity Theft perspective. (Our risk assessment is for consultative purposes only and does not require immediate action, simply suggestions.)

Appointing a Compliance Security Officer for “NPI” (Non Public Information)

  • Regardless of whom you have designated as the Chief Information Officer prior, the new laws ask that you also appoint that individual as the new NPI security officer.

Implementing a Non-Public Information (NPI) policy regarding data security and ”Red Flags”

  • Upon completion of the employee trainings, we will deliver a new NPI policy complete with “Red Flags” to be incorporated into your procedural file.

Train and educate all employees on ID Theft, the new NPI Policy, and ”Red Flags” (includes acknowledgement form to document employee file)

  • Every compliance program becomes stronger when the employees become aware of their responsibilities when handling consumer, vendor, or employee information.

Install an ID Theft Monitoring/Restoration/Legal Service program for all employees as an optional voluntary payroll deduction benefit, subsidized benefit, or fringe benefit. (Opt in /Opt out required)

  • To complete the program, we have implemented a new mitigation plan and early warning system that allows the employees the option to protect their families from these growing concerns.

Trainings will last approximately 60 minutes which includes all policy and program coverage. It will be vitally important that all trainings be held as “mandatory” to ensure a successful completion of the program. To accommodate your company’s needs, several presentations of various numbers of employees and locations can be scheduled.