§ 37.02 PURPOSE.
   (A)   The village adopts this sensitive information policy to help protect employees, customers, contractors, and the village from damages related to the loss or misuse of sensitive information.
   (B)   This policy will:
      (1)   Define sensitive information;
      (2)   Describe the physical security of data when it is printed on paper;
      (3)   Describe the electronic security of data when stored and distributed; and
      (4)   Place the village in compliance with state and federal law regarding identity theft protection.
   (C)   This policy enables the village to protect existing customers, reducing risk from identity fraud, and minimize potential damage to the village from fraudulent new accounts. The program will help the village:
      (1)   Identify risks that signify potentially fraudulent activity within new or existing covered accounts;
      (2)   Detect risks when they occur in covered accounts;
      (3)   Respond to risks to determine if fraudulent activity has occurred and act if fraud has been attempted or committed; and
      (4)   Update the program periodically, including reviewing the accounts that are covered and the identified risks that are part of the program.
(Res. 08-43, passed 10-20-2008)