Office of the Vice President for Global Communications

Friday, October 16, 2009

University in compliance with federal identity theft rules

At its meeting Thursday, the Board of Regents formally approved the university’s program to detect and mitigate risks associated with identity theft for covered accounts, in compliance with Federal Trade Commission regulations commonly known as the “red flag rules.”

In general, covered accounts are loans or other instances where a person obtains money, goods or services by presenting, among other things, appropriate proof of identity. The university’s identity-theft program covers the Ann Arbor, Dearborn and Flint campuses.

“A red flag is a specific activity that suggests there could be a possibility of identity theft,” says Cheryl Soper, the university’s controller and director of financial operations. “Our program is a multi-tiered approach to detecting and mitigating this type of theft. We have not had a problem with identity theft at the university in the areas covered by the red flag rules, but this program makes our prevention program even stronger.”

Examples of potential red flags include:

• Altered or forged documents or documents that are inconsistent with information already on file with the university.

• Unauthorized charges or transactions on an account, lost or stolen university identification documents, a fraud alert or identity theft.

• Questions designed to protect privacy and account information that are answered incorrectly.

• Notice of an address discrepancy from a credit-reporting agency.

“If red flags are detected, appropriate steps to respond and mitigate identity theft will be taken depending on the nature and degree of risk. These steps include, but are not limited to, notifying account holders, changing passwords that permit access to accounts or contacting law enforcement officials,” Soper says.

More information on the university’s compliance with the red flag rules is available at