153.01 Purpose.
153.02 Definitions.
153.03 Sensitive information.
153.04 Red flags.
153.05 Responding to red flags.
153.06 Appropriate responses for suspected fraud.
153.07 Appropriate responses for fraudulent actions.
153.08 Duties regarding address discrepancies.
153.09 Updating program.
153.10 Oversight of program.
CROSS REFERENCES
Theft and fraud - see GEN. OFF. Ch. 545
This program is to enable the City to protect employees, agents and citizens reduce risk from identity fraud, and minimize potential damage to the City from fraudulent new accounts and to help the City; identify risks that signify potentially fraudulent activity within new or existing covered accounts; detect risks when they occur in covered accounts; respond to risks to determine if fraudulent activity has occurred and act if fraud has been attempted or committed; and update the program periodically, including reviewing the accounts that are covered and the identified risks that are part of the program. (Ord. 09-0-73. Passed 9-15-09.)
For purposes of this program, the following terms shall have the following definitions:
(a) "Covered account" means an account that the City offers or maintains, primarily for personal, family, or household purposes that involves or is designed to permit multiple payments or transactions such as credit card accounts, utility accounts, and any other account that the City offers or maintains for which there is a reasonably foreseeable risk to customers or to the safety and soundness of the City from identity theft, including financial, operational, compliance, reputation or litigation risks.
(b) "Employees", for purposes of this Program, Employees shall include Employees of the City and Employees of service providers under contract with the City.
(c) "Identify theft" means fraud committed or attempted using the identifying information of another person without authority.
(d) "Program Coordinator" means the City Manager or his/her designee.
(e) "Red flag" means a pattern, practice or specific activity that indicates the possible existence of identity theft.
(f) "Sensitive Information" means the following items whether stored in electronic or printed format: Credit card information, (credit card number, expiration date, cardholder name); Tax identification numbers; Social Security numbers; Employer identification numbers; Personal information such as, date of birth, address, phone numbers, maiden name, customer number.
(Ord. 09-0-73. Passed 9-15-09.)
Employees are to use common sense judgment in securing sensitive information to the proper extent. File cabinets, desk drawers, overhead cabinets, and any other storage space containing documents with sensitive information will be secured when not in use. Storage rooms containing documents with sensitive information and record retention areas will be locked at the end of each workday or when unsupervised. Desks, workstations, work areas, printers and fax machines, and common shared work areas should be cleared of all documents containing sensitive information when not in use. (Ord. 09-0-73. Passed 9-15-09.)
Loading...