Business and Financial Policies and Procedures
 

Determine if the Red Flags Rule Applies to Your Unit

Before You Begin

The University is subject to and complies with the Federal Trade Commission (FTC) Identity Theft Red Flags Rule, which is a component of the Fair and Accurate Credit Transactions Act of 2003.

The Red Flags Rule applies to the University of Illinois wherever we administer the types of accounts covered by the Rule. If your unit enters, alters, or maintains personally identifying information, such as name, birth date, address, phone number, gender, social security number, NetID, Enterprise ID, e-mail address, and UINs, you must comply with the Rule’s requirements.

Begin

To determine if the Red Flags Rule applies to your unit:

  1. Determine if your unit enters, alters, or maintains personally identifying information in:
  • Banner, HR Front End, DART, the i-card database, or similar systems. (Filing an I-9 is exempt from the Red Flags Rule.)
  • Systems that generate UINs, Net IDs, e-mail addresses, or other personal identifiers
  • SAR or GAR accounts administered by or on behalf of your unit
  • Payroll records
  • Administering accounts distributed by declining balance or debit (for example, meal plans, Extra Credits, Campus Cash, Dragon Dollars, and scholarships or other aid or funds)
  1. Determine if your unit engages in any of these activities:
  • Making loans
  • Administering campus-based student loans
  • Issuing cards used to access accounts
  • Using consumer credit reports such as those issued by Experian, TransUnion, and Equifax
  • Reporting information to credit reporting agencies
  • Selling or transferring debts to a third party
  • Pursuing debt collection in cases where services were not paid for (even if your unit requires payment at the time of service)
  • Billing for fines
  • Leasing to individuals for personal use or non-business purposes
  1. If your unit engages in any of the activities in Step #1 or 2, you must comply with the Red Flags Rule requirements.

 

Related Policies and Procedures

Comply with Red Flags Rule

Additional Resources

University of Illinois Red Flags Rule Identity-Theft Prevention Program Best Practices

 

Last Updated: October 21, 2011 | Approved: Senior Associate Vice President for Business and Finance - January 2002