When Will the Madness End?
For a fourth time, the FTC postponed the Red Flag compliance deadline for non banking regulated companies. The original deadline was to be November 1st, 2008. It was set to go live on November 1st, 2009 and now they have pushed it back to June, 2010.
This new compliance requires non banking institutions that could be exposed to identity theft to put in new procedures to detect and mitigate identity theft. For example, health care. Medical identity theft is growing as people are using stolen identities to receive medical services in a victim’s name. You can see that it might be a good idea to have health care providers to makes sure that doesn’t happen.
Dear Mr. Elliott, we see that you owe us $25,000 for a liposcution treatment that you received in Los Angeles”. Huh?
According to the press release, the 4th delay was caused by members of congress saying that the new compliance is not well understood and we should not punish companies. Huh?
Since when did making sure that companies that receive confidential identity data use it wisely become unfair. In the credit card world, for anyone receiving credit card information – they must be PCI compliant. They must have standards in place to make sure that do everything possible to minimize credit card numbers from being compromised.
However, when it comes to a persons identity, we once more say that this isn’t as important. Ironic. If your credit card is compromised, the consumer has a $50 liability and that’s the extent of the damage. If your identity is stolen, you may have years and thousands of dollars expended before you can clean it up, if ever.
Priorities? In the meantime, identity theft rose again in 2008 and all expectations are that they will rise again in 2009.