Pub 61 2020-2021 Issue 3

30 Identity Theft Red Flags and Data Protection Webinar T ADA sponsored a webinar in February with the law firm of Locke Lord designed to as- sist your dealership in designing a Written Information Security Pro- gram (WISP) as well as complying with the federal requirements for “Red Flags.” As a ”financial institution,” the deal- ership is charged with implement- ing privacy and safeguards under the Gramm-Leach-Bliley Act. As the federal government is becoming more aggressive in its enforcement of these requirements and as a concern regarding private litigation against your business increases, TADA encourages its members to review the webinar and templates. A WISP must contain safeguards to ensure the security and confidentiality of the information and protect against anticipated threats and unauthor- ized access or use of information that could result in substantial harm or inconvenience to a customer. Risk assessments include and require training, a review of infor- mation systems, and how to detect, prevent, and respond to system failures and intrusions. Oversight by the dealership of the DMS provider and consideration of contractual requirements must also be evaluated and reviewed periodically. The webinar and deck, and tem- plates from the webinar are avail- able in a PDF format to the TADA membership. The templates include the following: 1. Written Information Security Program (WISP); 2. Red Flags Rule Questionnaire; 3. R ed Flags Rule Compliance Checklist; 4. R ed Flags Rule Identity Theft Prevention Program; and, 5. Privacy, Safeguards and Red Flags Addendum. To access the information, go to the TADA website, tada.org and on the Legal/Regulatory drop down tab, choose “FTC Red Flags Webinar.” Sign-in is required. If you do not know your login/pass- word, please contact Janet Hale at jhale@tada.org 