Policies and Procedures Banner 

13.15 / Identity Theft Prevention

Purpose:
The purpose of this statement is to set forth University policy with regard to the detection, prevention, and mitigation of identity theft in connection with various accounts maintained by the University.

Preamble:
The Federal Trade Commission's "Red Flags Rule" implements Section 114 of the Fair and Accurate Credit Transactions Act of 2003. In follow-up, this policy is intended to implement an Identity Theft Prevention Program for the University that:


(i)
Identifies relevant warnings ("Red Flags") for certain identified covered accounts it offers or maintains;


(ii)
Detects those Red Flags that have been identified;


(iii)
Responds appropriately to any Red Flags that are detected to seek to prevent and mitigate identity theft;


(iv)

Ensures that the Identity Theft Prevention Program is reviewed periodically and updated as appropriate to reflect changes in risks to students and with regard to the safety and soundness of creditors from identity theft; and


(v)

Encourages University employees to report suspected cases of identity theft involving a covered account or student to the Vice President for Administration and Finance or to the University General Counsel's Office.

Policy Statement:

1.  Covered Accounts

A "covered account" is an account that is offered or maintained primarily for personal, family or household purposes that involves or is designed to permit multiple payment transactions. Wichita State University has identified five types of covered accounts, four of which are administered by the University and one that is administered by a service provider.

University covered accounts:

  1. Refund of credit balances involving PLUS loans
  2. Refund of credit balances without PLUS loans
  3. Deferment of tuition payments
Service provider covered account:
  1. Perkins payment plan administered by Educational Computer Systems, Inc. (ECSI). See provision 4 relating to the Oversight of Service Provider Arrangements.
2.  Identification of Relevant Red Flags

The University Identity Theft Prevention Program identifies the following Red Flags:


a.
Documents provided for identification appear to have been altered or forged;

b.
The photograph or physical description on the identification is not consistent with the appearance of the student presenting the identification;

c.
A request made from a non-WSU issued email account;

d.

A request to mail something to an address not listed on file; or

e.

Notice from customers, victims of identity theft, law enforcement authorities, or other persons regarding possible identity theft in connection with covered accounts.

3.  Detection of Red Flags

The University Identity Theft Prevention Program will detect Red Flags relevant to each type of covered account as follows:


a.
Refund of credit balances involving PLUS loans - As directed by federal regulations (U.S. Department of Education) these balances are required to be refunded in the parent's name and mailed to their address on file within the time period specified. No request is required. 

Red Flag - None as this is initiated by the University.


b.
Refund of credit balances without PLUS loans - Request from current students must be made in writing by using the University form "Petition for Exception to Tuition Refund Policy." If the request is approved, the refund amount is direct deposited in the student's bank account using the banking information provided to WSU by the student using their myWSU ID and the student portal. If direct deposit is not available, checks can only be mailed to an address on file, as provided by the student. If an address is determined to be non-deliverable by the U.S. mail, checks can be picked up in person by showing their WSU Photo ID. 

Red Flag - Photo ID does not appear to be authentic or does not match the appearance of the student presenting it.


c.

Deferment of tuition payments (tuition payment plan) - Students request a tuition payment plan by using their myWSU ID to access the secure WSU student portal. Requests are made electronically and payment plans are accepted provided the student has no delinquent charges on their account. 

Red Flag - None, as students can only make this request via the secure portal. In person requests are not accepted.

4.  Oversight of Service Provider Arrangements

The University shall take steps to ensure that the activity of a service provider is conducted in accordance with reasonable policies and procedures designed to detect, prevent, and mitigate the risk of identity theft whenever the organization engages a service provider to perform an activity in connection with one or more covered accounts.

Currently the University uses ECSI to administer the Perkins Loan program. Students contact ECSI directly through its website or by telephone and provide personally identifying information to be matched to records that Wichita State University has provided ECSI.

5.  Staff Training

University employees responsible for implementing the Identity Theft Prevention Program shall be trained in the detection of Red Flags and the responsive steps to be taken when a Red Flag is detected. Training shall be provided on an annual basis.

6.  Periodic Review

The General Counsel will implement and facilitate an annual review of the University Identity Theft Prevention Program and suggest updates as deemed appropriate or as required by law.

7.  Oversight of the Identity Theft Prevention Program

Overall responsibility for developing and implementing the Identity Theft Prevention Program lies with the Vice President for Administration and Finance or the Vice President's designee.

Implementation:
This policy shall be included in the WSU Policies and Procedures Manual and shared with appropriate constituencies of the University.

The Vice President for Administration and Finance shall have primary responsibility for publication, dissemination and distribution of this University policy.

Effective Date:
August 1, 2009

Revision Date:
October 13, 2009
May 10, 2013

Click the left half to go to Chapter 13.  Click the right half to go to the Table of Contents. Chapter 13 Table of Contents