My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
5.3. ERMUSR 10-14-2008
ElkRiver
>
City Government
>
Boards and Commissions
>
Utilities Commission
>
Packets
>
2003-2013
>
2008
>
10-14-2008
>
5.3. ERMUSR 10-14-2008
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
12/15/2008 10:51:20 AM
Creation date
12/15/2008 10:51:19 AM
Metadata
Fields
Template:
City Government
type
ERMUSR
date
10/14/2008
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
8
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Responsibility for developing, implementing and updating this Program lies with an <br />Identity Theft Committee for the Utility. The Committee is headed by a Program Administrator <br />(the Finance Director.) Two or more other individuals appointed by the head of the Utility or the <br />Program Administrator comprise the remainder of the committee membership. The Program <br />Administrator will be responsible for the Program administration, for ensuring appropriate <br />training of Utility staff on the Program, for reviewing any staff reports regarding the detection of <br />Red Flags and the steps for preventing and mitigating Identity Theft, determining which steps of <br />prevention and mitigation should be taken in particular circumstances and considering periodic <br />changes to the Program. <br />B. Staff Training and Reports <br />Utility staff responsible for implementing the Program shall be trained either by or under <br />the direction of the Program Administrator in the detection of Red Flags, and the responsive <br />steps to be taken when a Red Flag is detected. Review with staff already trained will occur <br />annually. Reporting....... <br />C. Service Provider Arrangements <br />In the event the Utility engages a service provider to perform an activity in connection <br />with one or more accounts, the Utility will take the following steps to ensure the service provider <br />performs its activity in accordance with reasonable policies and procedures designed to detect, <br />prevent, and mitigate the risk of Identity Theft. <br />1. Require, by contract, that service providers have such policies and procedures in place; <br />and <br />2. Require, by contract, that service providers review the Utility's Program and report any <br />Red Flags to the Program Administrator. <br />D. Non-disclosure of Specific Practices <br />For the effectiveness of this Identity Theft Prevention Program, knowledge about specific <br />Red Flag identification, detection, mitigation and prevention practices must be limited to the <br />Identity Theft Committee who developed this Program and to those employees with a need to <br />know them. Any documents that may have been produced or are produced in order to develop or <br />implement this program that list or describe such specific practices and the information those <br />documents contain are considered "security information" as defined in Minnesota Statutes <br />Section 13.37 and are unavailable to the public because disclosure would be likely to <br />substantially jeopardize the security of information against improper use, that use being to <br />circumvent the Utility's Identity Theft prevention efforts in order to facilitate the commission of <br />Identity Theft. <br />7 <br />
The URL can be used to link to this page
Your browser does not support the video tag.