(A) The city adopts this Sensitive Information Policy to help protect employees, customers, contractors and the city from damages related to the loss or misuse of sensitive information. This policy will:
(1) Define sensitive information;
(2) Describe the physical security of data when it is printed on paper; and
(3) Describe the electronic security of data when stored and distributed.
(B) Putting the Identity Theft Prevention Program in place enables the city to protect existing customers, reducing risk from identity fraud and minimize potential damage to the city from fraudulent new accounts. The program will help the city:
(1) Identify risks that signify potentially fraudulent activity within new or existing covered accounts;
(2) Detect risks when they occur in covered accounts;
(3) Respond to risks to determine if fraudulent activity has occurred and act if fraud has been attempted or committed; and
(4) Update the program periodically, including reviewing accounts that are covered and identified risks that are part of the program.
(Ord. 1400, passed 4-21-09)