Identity Theft Prevention Program
Red Flag Rules



Mouse over this text to see Keys for Lesson Material

Click "Next Page" to get started

Training Purpose

To ensure that the annual training requirement for Red Flag Rules are met and perform the following activities.



Course Objectives

This course defines Red Flag Rules requirements, who is impacted by the rules and how to address an incident where a Red Flag appears. The training will also provide examples of Red Flags that one may find in your work environment.

A the conclusion of this course you will be able to:

What is Reg Flag?

All Higher Education institutions are required to develop an identity Theft Prevention Program (policy) pursuant to the Federal Trade Commission's Red Flags Rule ("Rule"), which implements Section 114 of the Fair and Accurate Credit Transactions Act of 2003.

The purpose of this policy is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the Program.

The Program shall include reasonable policies and procedures to:

  1. Identify relevant red flags for covered accounts it offers or maintains and incorporate those red flags into the program;
  2. Detect red flags that have been incorporated into the Program;
  3. Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and
  4. Ensure the Program is updated periodically to reflect changes in risks to Students and to the safety and soundness of the creditor from identity theft.

The program shall, as appropriate, incorporate existing policies and procedures that control reasonably foreseeable risks.

Does Higher Education have to Participate?

Yes, the following is a summary of the effective date and why Higher Education must participate.

What is Required?

Your role is to help detect and prevent potential identity theft by looking for Red Flags which may indicate identity theft may be occurring.

The following cycle is required to comply with this requirement.


Test your skills... click the activity below...

 Hyperlink to Ordering Activity 

Detailed Definitions for Red Flag



Identity Theft

Fraud committed or attempted using the identifying information of another person without authority.

Covered Account

Any account that involves or is designated to permit multiple payments or transactions; or

Any other account maintained by the Institution for which there is a reasonably foreseeable risk of identity theft to students, faculty, staff or other applicable constituents, or for which there is a reasonably foreseeable risk to the safety or soundness of the Institution from identity theft, including financial, operational, compliance, reputation or litigation risks.

Red Flag

A pattern, practice or specific activity that indicates the possible existence of identity theft

Personally Identifying Information (Mouse over definitions to see examples of each)

Personal Information

Credit Card or other accounts information

Tax identification numbers

Payroll Information

Medical Information

Government issued identification numbers

Confidential Data

Information that the College is under legal or contractual obligation to protect.

Need to Know

Authorization given to a user for whom access to the information is necessary for the conduct of one's official duties and job functions as approved by the employee's supervisor.

Public Record

A record or data item that any entity, either internal or external to the College, can access.


Identify Covered Accounts

Each institution is responsible for identifying covered accounts.

There are five major types of accounts, four of which are covered accounts administered by the institution and one type of account that is administered by a service provider. Although the institution has identified five major types of covered accounts all areas of the institution should be sensitive to identify theft prevention.


Identify Red Flags

Indicators that may raise "Red Flags" with examples:



Test your skills... click below...


 Toggle open/close quiz question

Detecting Red Flags

The following are examples of where identity theft might be detected and ways to detect and prevent compromise.

Student Enrollment

Existing Accounts

Consumer/Credit Report Requests.


Oversight of Service Providers

Each institution must provide oversight by:


See the institutional Identity Theft Prevention Plan for contractual statements and forms.


Institutional Response

Once detected the institutions must:



Protecting Personally Identifiable Information (PII)

Click highlighted text to view this FTC video to see why protecting Personally Identifiable Information is important: Deter-Detect-Defend

Suggestions for protecting Personally Identifiable Information or PII:

For further information on the importance of protecting personal information, see the FTC Interactive Guide link in the sidebar to the right

Proficiency Test

You have now completed the training review. In order to complete your certification you must take the quiz by clicking "Quiz Group" below. After answering the question clieck the "NEXT" button to see the next question. After completing the test you may review answers. You must answer a minimum of 5 correctly to pass. Once you have reviewed your answers click "NEXT PAGE" at the bottom to print and send your certificate. DO NOT CLICK RETRY IF YOU PASS.

NOTE: To print the certificate after successfully passing the test you must be on a computer that has access to a printer.   The use of iPads or other devices that do not support Adobe Flash will not allow the viewing or printing of the certificate.


 Toggle open/close quiz group


Type your name in the space below and click "EMail Score" to record your completion of this training module. Click "Print Certificate" to print a certificate of completion. When the certificate window opens, right click on the cerfificate and select Print. You must select Preference and set your printer to landscape before clicking Print. You may also print a copy of your score by clicking "Print Score Summary".

If you have not successfully completed the test then you will not be able to e-mail and print a certificate.