170.08 PROGRAM ADMINISTRATION.
(a) Involvement of Management.
(1) The Identity Theft Prevention Program shall not be operated as an extension to existing fraud prevention programs, and its importance warrants the highest level of attention.
(2) Operational responsibility of the program is delegated to the Mayor and Auditor in their respective departments, the Utility Billing Department Manager and to the oversight committee.
(3) Oversight of the Dover Identity Theft policy is delegated to the Oversight Committee and the Dover Utility Office Manager. The committee shall be appointed by the Mayor and shall include the Utility Billing Office Manager, the Auditor, the Treasurer, the Director of Telecommunications and such other persons as the Mayor determines are necessary to the effective use and implementation of the policy.
(b) Staff Training.
(1) Staff training shall be conducted for all employees, officials and contractors for whom it is reasonably foreseeable that they may encounter accounts or personally identifiable information that may constitute a risk to the Municipality or its customers.
(2) The Mayor and Auditor are responsible for ensuring identity theft training for all requisite employees and contractors.
(3) Employees must receive annual training in all elements of this policy.
(4) To ensure maximum effectiveness, employees may continue to receive additional training as changes to the program are made.
(c) Oversight of Service Provider Arrangements.
(1) It is the responsibility of the Municipality to ensure that the activities of all service providers are conducted in accordance with reasonable policies and procedures designed to detect, prevent, and mitigate the risk of identity theft.
(2) A service provider that maintains its own identity theft prevention program, consistent with the guidance of the red flag rules and validated by appropriate due diligence, may be considered to be meeting these requirements.
(3) Any specific requirements should be specifically addressed in the appropriate contract arrangements.
(Ord. 27-09. Passed 5-18-09.)
(Ord. 27-09. Passed 5-18-09.)