The Red Flags Rule, which was signed into law on Dec. 18, 2010 and took effect Jan. 1, 2011, requires many businesses and organizations to implement a written identity theft prevention program designed to detect the warning signs — or "red flags" — of identity theft in their day-to-day operations. Specifically, financial institutions, creditors, users of consumer reports, and issuers of credit and debit cards must comply with the new regulations or face significant, even criminal, consequences.
To learn more about the Red Flags Rule, including its potential effect on insurers, ways to ensure compliance, and penalties for not doing so, PropertyCasualty360.com spoke with Neil Posner, Chair of the Policyholders' Insurance Coverage group at the Chicago area law firm of Much Shelist.
Mr. Posner asserts that without an explicit exemption by the Federal Trade Commission (FTC), insurers are subject to the Red Flags Rule because, depending on each individual insurance company’s structure, they could fall within the definition of “financial institution” or “creditor,” both of which are affected by the legislation. Likewise, there would be no exemption for those like independent claim adjusters who provide services on a given set of days and invoice their clients for payment on a later date.
To listen to the podcast, click the play button below.