10.20.040 Policy statement.
This section is included in your selections.
This policy applies to all WSSC business areas that use and maintain PII or customer information as it relates to a covered account definition as described above. This policy includes procedures to:
(a) Identify relevant red flags for covered accounts;
(b) Detect red flags;
(c) Respond appropriately to any red flags that are detected to prevent and mitigate identity theft;
(d) Update the program periodically to abate changes in risks to customers from identity theft and to maintain the safety and soundness of the program. Incorporate existing policies and procedures that control reasonably foreseeable risks; and
(e) Provide for continued administration of the program. (GMO 09-01 § II)