Identity Theft Prevention Policy
Red Flags Rule Policy
I. Purpose and Scope
In response to the growing threats of identity theft in the United States, Congress passed the Fair and Accurate Credit Transactions (FACT) Act of 2003, which amended a previous law, the Fair Credit Reporting Act. This amendment to the Fair Credit Reporting Act charged the Federal Trade Commission and several other federal agencies with promulgating rules regarding identity theft. The final regulations are known as the “Red Flags Rule”.
This policy is designed to identify, detect, and appropriately respond to Red Flags which may indicate suspected or real incidents of identity theft upon account holders and to ensure compliance with the Federal Trade Commission’s Red Flags Rule.
The Mississippi Office of Student Financial Aid will also work to ensure that the policy is updated periodically to reflect changes in risks to student account holders or to the safety and soundness of the Office.
- “Identity Theft” means a fraud committed or attempted using the identifying information of another person without authority. Identifying information is any name or number that may be used, alone or in conjunction with any other information, to identify a specific person.
- “Red Flag” means a pattern, practice, or specific activity that indicates the possible existence of identity theft.
- “Service Provider” means a person or entity that provides a service directly to the financial institution or creditor.
III. Covered Accounts
- Mississippi Forgivable Loan Accounts
IV. Identification of Red Flags
Below is a list of Red Flag indicators.
- Altered/forged ID
- Inconsistent photo/description
- Inconsistent ID information
- ID information that doesn’t match what is on file (e.g. signature, etc)
Suspicious Personal ID Information:
- Personal ID info inconsistent with external information
- Personal ID info inconsistent with other provided info or info on file
- Personal ID info associated with known fraud
- Social security number discrepancies
- Address or telephone number discrepancies
- Incomplete demographic or other identifying info
- Individual unable to authenticate via challenge questions
- Individual refuses to produce ID
- Usage consistent with known fraud patterns
- Mail sent to the individual returned repeatedly as undeliverable although transactions continue to be conducted in connection with the individual’s covered account
- Family members and/or friends calling the individual by a different name than that provided by the individual
Suspicious Medical Information:
- Individual presents medical background inconsistent with existing medical record
- Individual unaware of basic medical background information
- Medical record inconsistent with physical examination or with patient’s account of medical history
- Patient or insurance company report that coverage for legitimate stay is being denied because benefits have been depleted
- Patient denies information provided in medical record
- Lab (e.g. blood work, etc.) inconsistent with information in medical record (e.g. wrong blood type, etc.)
Alerts from others, such as:
- Alert from individual
- Alert from Law Enforcement
- Alert from Third Party such as credit bureaus
V. Red Flag Detection and Response
The Mississippi Office of Student Financial Aid uses a loan servicer and collection agencies in connection with our covered accounts. We have a process to confirm that our loan servicer and collection agencies comply with reasonable policies and procedures designed to detect, prevent and mitigate identity theft. We will require our service providers to have such policies and procedures, report to the Office the Red Flags that may arise in the performance of the service providers’ activities, and take appropriate steps of their own to prevent or mitigate the identify theft.
VI. Program Administration
A Red Flags Rule Compliance Coordinator will be identified and will be responsible for reviewing reports regarding detection of Red Flags, monitoring the response procedures to prevent and mitigate identity theft, and interpreting regulatory correspondence from the Federal Trade Commission and federal agencies. The Red Flags Rule Compliance Coordinator will identify and define Red Flags and periodically review procedures and actions required for the detection of Red Flag issues. At least annually, the Red Flags Rule Compliance Coordinator will review and discuss any changes, updates or compliance issues that may arise.