The initial adoption and approval of the identity theft prevention program shall be by ordinance of the city council. Thereafter, changes to the program of a day to day operational character and decisions relating to the interpretation and implementation of the program may be made by the program administrator (city clerk). Major changes or shifts of policy positions under the program shall only be made by the city council.
Development, implementation, administration and oversight of the program will be the responsibility of the program administrator. The program administrator may, but shall not be required to, appoint a committee to administer the program. The program administrator shall be the head of any such committee. The program administrator will report at least annually to the city council regarding compliance with this program.
Issues to be addressed in the annual identity theft prevention report include:
   A.   The effectiveness of the policies and procedures in addressing the risk of identity theft in connection with the opening of new covered accounts and activity with respect to existing covered accounts.
   B.   Service provider arrangements.
   C.   Significant incidents involving identity theft and management's response.
   D.   Recommendations for material changes to the program, if needed for improvement. (Ord. 1397, 10-20-2008)