§ 50.48  DETECTION, PREVENTION, AND MITIGATION.
   (A)   Detection.
      (1)   In an effort to ensure proper detection of any red flags, all customers (consumers) must provide at least the following information/documentation before any new covered account will be opened:
         (a)   Full name;
         (b)   Date of birth (individual);
         (c)   Address, (a residential or business street address for an individual; for an individual who does not have a residential or business street address, an Army Post Office (APO) or Fleet Post Office (FPO) box number, or the residential or business street address of next of kin or of another contact individual; or for a person other than an individual (such as a corporation, partnership, or trust), a principal place of business, local office, or other physical location; and
         (d)   Identification number, which shall be:
            1.   For a U.S. person, a taxpayer identification number; or
            2.   For a non-U.S. person, one or more of the following: a taxpayer identification number; passport number and country of issuance; alien identification card number; or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard.
      (2)   For any account holder of a covered account for which the above information is not already on file at the town, the customer will be contacted within a reasonable period of time after discovering the missing information to obtain the necessary information; and
      (3)   (a)   To assist with detection of red flags, the town will implement the appropriate computer programs tailored to the town business needs to help authenticate customers, monitor transactions, and change of address requests.
         (b)   The following programs are being used and the town continued use thereof is incorporated and made part of this policy: CSI Technology Outfitters 900 East Main Street, Suite T Easley, South Carolina 29640.
   (B)   Preventing and mitigating identity theft.
      (1)   (a)   In the event a red flag is detected, the town committed to preventing the occurrence of identity theft and taking the appropriate steps to mitigate any harm caused thereby.
         (b)   In order to respond appropriately to the detection of a red flag, the town shall consider any aggravating circumstance(s) that may heighten the risk of identity theft.
      (2)   After assessing the degree of risk posed, the town will respond to the red flag in an appropriate manner, which may include:
         (a)   Monitoring a covered account for evidence of identity theft;
         (b)   Contacting the customer;
         (c)   Changing any passwords, security codes, or other security devices that permit access to a covered account;
         (d)   Reopening a covered account with a new account number;
         (e)   Not opening a new covered account;
         (f)   Closing an existing covered account;
         (g)   Notifying law enforcement; or
         (h)   Determining that no response is warranted under the particular circumstances.
      (3)   In an effort to mitigate the damage caused by identity theft, the following programs/software are being used, and the town’s continued use thereof is incorporated and made part of this policy: CSI Technology Outfitters.
      (4)   (a)   For the protection of our customers, all service providers hired by the town to perform any activity in connection with any covered account must also take appropriate steps to prevent identity theft.
         (b)   To this end, the town will only contract with service providers that have implemented and follow a similar identity theft prevention policy.
(2013 Code, § 18-67.3)