Skip Navigation

NAID Issues Red Flag Language for Policies & Contracts

Bookmark and Share

The FTC has postponed the effective date of the regulation requiring written information protection and ID theft prevention procedures for a second time—this time until November 1st.  The FTC also announced it will “redouble” its educational efforts regarding the regulation. 

While it is relatively clear that secure destruction companies are not directly subject to the Red Flag Rule, it is also clear that customers who are covered will likely ask for Red Flag language from vendors handing sensitive personal information.   Most likely, clients covered by the Red Flag Rule will want to see appropriate “Red Flag” language added to vendors’ policies and procedures, as well as a “Red Flag” clause added to vendors’ contracts. 

In anticipation NAID has prepared “cut and paste” policy language addressing the Red Flag mandates, and a new contract clause.  These materials will be available September 1st to Active and Franchise Members at no charge.  To obtain the documents, members must complete the NAID Red Flag Rule Release.