Preamble:
The Federal Trade Commission's "Red Flags Rule" implements Section 114
of the Fair and Accurate Credit Transactions Act of 2003. In
follow-up, this policy is intended to implement an Identity Theft
Prevention Program for the University that:
| (i) | Identifies
relevant warnings ("Red Flags") for certain identified covered accounts
it offers or maintains; |
||
| (ii) | Detects those Red Flags that have been identified; |
||
| (iii) | Responds appropriately to any
Red Flags that are detected to seek to prevent and mitigate identity
theft; |
||
| (iv) |
Ensures that the Identity Theft
Prevention Program is reviewed periodically and updated as appropriate
to reflect changes in risks to students and with regard to the safety
and soundness of creditors from identity theft; and |
||
| (v) |
Encourages University employees
to report suspected cases of identity theft involving a covered account
or student to the Vice President for Administration and Finance or to
the University General Counsel's Office. |
Policy Statement:
1. Covered Accounts
A
"covered account" is an account that is offered or maintained primarily
for personal, family or household purposes that involves or is designed
to permit multiple payment transactions. Wichita State University
has
identified five types of covered accounts, four of which are
administered by the University and one that is administered by a
service provider.
University
covered accounts:
The University Identity Theft Prevention Program identifies the
following Red Flags:
| a. | Documents
provided for identification appear to have been altered or forged; |
||
| b. | The photograph or physical description on the identification
is not consistent with the appearance of the student presenting the
identification; |
||
| c. | A request made from a non-WSU
issued E-mail account; |
||
| d. |
A request to mail something to
an address not listed on file; or |
||
| e. |
Notice from customers, victims
of identity theft, law enforcement authorities, or other persons
regarding possible identity theft in connection with covered accounts. |
3. Detection of Red Flags
The University Identity Theft Prevention Program will detect Red
Flags relevant to each type of covered account as follows:
| a. | Refund of credit balances involving PLUS
loans - As directed by federal
regulations (U.S. Department of Education) these balances are required
to be refunded in the parent's name and mailed to their address on file
within the time period specified. No request is required. Red Flag - None as this is initiated by the University. |
||
| b. | Refund of credit balances without PLUS
loans - Request
from current students must be made in writing by using the University
form "Petition for Exception to Tuition Refund Policy." If the
request is approved, the refund amount is direct deposited in the
student's bank account using the banking information provided to WSU by
the student using their myWSU ID and the student portal. If
direct
deposit is not available, checks can only be mailed to an address on
file, as provided by the student. If an address is determined to
be non-deliverable by the U.S. mail, checks can be picked up in person
by showing their WSU Photo ID. Red Flag - Photo ID does not appear to be authentic or does not match the appearance of the student presenting it. |
||
| c. |
Deferment of tuition payments (tuition
payment plan) -
Students request a tuition payment plan by using their myWSU ID to
access the secure WSU student portal. Requests are made
electronically and payment plans are accepted provided the student has
no delinquent charges on their account. Red Flag - None, as students can only make this request via the secure portal. In person requests are not accepted. |
||
| d. | Emergency loans - Requests
must be made in person to the Office of the Vice President for Campus
Life and University Relations (CLUR). Students are required to
present their WSU Photo ID. Once approved by CLUR, the student
completes the WSU form "Requisition for Emergency Loan Check."
The loan check can only be picked up by the student presenting their
WSU Photo ID. Red Flag - Photo ID does not appear to be authentic or does not match the appearance of the student presenting it. |
4. Oversight of Service
Provider Arrangements
The University shall take steps to ensure that the activity of a
service provider is conducted in accordance with reasonable policies
and procedures designed to detect, prevent, and mitigate the risk of
identity theft whenever the organization engages a service provider to
perform an activity in connection with one or more covered accounts.
Currently the University uses ECSI to administer the Perkins Loan
program. Students contact ECSI directly through its website or by
telephone and provide personally identifying information to be matched
to records that Wichita State University has provided ECSI.
5. Staff Training
University employees responsible for implementing the Identity Theft
Prevention Program shall be trained in the detection of Red Flags and
the responsive steps to be taken when a Red Flag is detected.
Training shall be provided on an annual basis.
6. Periodic Review
The Vice President and General Counsel will implement and facilitate an annual review of the University Identity Theft Prevention Program and suggest updates as deemed appropriate or as required by law.Implementation:
This policy shall be included in the WSU Policies and Procedures
Manual and shared with appropriate constituencies of the
University.
The Vice President for Administration and Finance shall have primary responsibility for publication, dissemination and distribution of this University policy.
Effective Date:
August 1, 2009
October 13, 2009