TADA sponsored a webinar in February with the law firm of Locke Lord designed to assist your dealership in designing a Written Information Security Program (WISP) as well as complying with the federal requirements for “Red Flags.”
As a ”financial institution,” the dealership is charged with implementing privacy and safeguards under the Gramm-Leach-Bliley Act. As the federal government is becoming more aggressive in its enforcement of these requirements and as a concern regarding private litigation against your business increases, TADA encourages its members to review the webinar and templates.
A WISP must contain safeguards to ensure the security and confidentiality of the information and protect against anticipated threats and unauthorized access or use of information that could result in substantial harm or inconvenience to a customer.
Risk assessments include and require training, a review of information systems, and how to detect, prevent, and respond to system failures and intrusions.
Oversight by the dealership of the DMS provider and consideration of contractual requirements must also be evaluated and reviewed periodically.
The webinar and deck, and templates from the webinar are available in a PDF format to the TADA membership. The templates include the following:
- Written Information Security Program (WISP);
- Red Flags Rule Questionnaire;
- Red Flags Rule Compliance Checklist;
- Red Flags Rule Identity Theft Prevention Program; and,
- Privacy, Safeguards and Red Flags Addendum.
To access the information, go to the TADA website, tada.org and on the Legal/Regulatory drop down tab, choose “FTC Red Flags Webinar.” Sign-in is required. If you do not know your login/password, please contact Janet Hale at email@example.com.