|
|
General Description
|
|
Description:
|
Information about service provider oversight relative to Red Flags Identity Theft Policy.
|
|
Purpose:
|
|
|
Scope:
|
All faculty, staff, students, and administrators
|
|
Responsibility:
|
Executive VP
VP of Business and Finance
|
 |
|
|
Requirements
|
|
Relevant Knowledge:
|
In order to comply with this policy you should know:
Current University policy
Federal statutes
Local statutes
Standard company policies
Standards of good practice
State statutes
|
|
Terms and Definitions:
|
Additional training
Corrective Action
Fine
Loss of privilege, general
Termination
|
|
|
|
|
Policy Provisions
|
1.
|
Service Provider Oversight
|
|
| 1. |
The University will periodically review all service provider agreements and activities no less than annually. |
| 2. |
A service provider with direct access to CSI must provide proof of, and maintain, their own Identity Theft Prevention Program that is consistent with, or exceeds, the University’s industry regulations. |
| 3. |
A service provider that has indirect access to CSI shall comply with this Identity Theft Prevention Policy. |
|
|
|
|
|
|
|
Performance Evaluation
|
|
Performance Metrics:
|
Compliance with standard policy and procedure
Compliance with federal mandate
|
|
|
|
|
Consequences:
|
Further training
Job Termination
|
|
|
|
|
Subject Experts
|
|
The following may be consulted for additional information.
|
|
|
Executive VP
VP of Business and Finance
|
|
|
|
To Home Page