College Catalog
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Policies and Procedures

Identity Theft Prevention Program

Program Adoption
Hudson Valley Community College developd this Identity Theft Prevention Program (“Program”) in order to comply with the Federal Trade Commission’s Red Flags Rule (16 CFR 681.2). The Board of Trustees determined that this program was appropriate for Hudson Valley Community College, and therefore approved this program on April 23, 2009.

Purpose
The purpose of the Identity Theft Prevention Program is to prevent frauds committed by the misuse of identifying information. The program is designed to detect, prevent and mitigate identity theft in connection with covered accounts, and to provide for continued administration of the Program. The Program shall include reasonable policies and procedures to:

  1. Identify relevant red flags for covered accounts and incorporate those red flags into the Program;
  2. Detect red flags;
  3. Respond appropriately to any red flags that are detected; and
  4. Review and update the Program periodically to consider and incorporate changes in risks.

Definitions

Account: A relationship established with an institution by a student, employee, or other person to obtain educational, medical, or financial services.

Covered Account: An account that permits multiple transactions or poses a reasonable foreseeable risk of being used to promote identity theft.

Identity Theft: A fraud committed or attempted using the identifying information of another person without authority.

Red Flag: A pattern, practice, or specific activity that indicates the possible existence of identity theft.

Responsible Staff: Personnel who regularly work with CoveredAccounts and are respon- sible for performing the day-to-day application of the Program to a specific Covered Account by detecting and responding to Red Flags.

Program Administrator: The individual designated with primary responsibility for oversight of the Program.

Program Administration and Oversight
The Executive to the President for Institutional Effectiveness and Strategic Planning will be the Program Administrator and will be responsible for overseeing the administration of this Program. The Program Administrator may designate additional staff of the College to undertake responsibility for training personnel, monitoring service providers, and updating the Program, all under the supervision of the Program Administrator.

Staff Training
The Program Administrator or his or her designees shall train responsible staff, as necessary, in the detection of Red Flags, and the responsive steps to be taken when a Red Flag is detected. Responsible staff are expected to notify the ProgramAdministrator of any incidents of identity theft.

Updating the Program
The Program will be reviewed annually, or if and when a problem arises, to ensure the effectiveness of the procedures in place, and to update the Program based on new events, institutional changes or changes in risks.

Oversight of Service Provider Arrangements
The Program Administrator will ensure that the activity of a service provider is conducted in accordance with reasonable policies and procedures designed to detect, prevent, and mitigate the risk of identity theft whenever the organization engages a service provider to perform an activity with one or more covered accounts.