While the over­all risk of iden­ti­ty theft involv­ing the Coun­ty appears low, the Coun­ty will focus on detec­tion and pre­ven­tion from iden­ti­ty theft on the fol­low­ing cov­ered accounts: accounts to indi­vid­ual cus­tomers; all of the County’s accounts that are indi­vid­ual util­i­ty ser­vice accounts held by cus­tomers of the util­i­ty whether res­i­den­tial, com­mer­cial or indus­tri­al; any account the Coun­ty offers or main­tains pri­mar­i­ly for per­son­al, fam­i­ly or house­hold pur­pos­es that involves mul­ti­ple pay­ments or trans­ac­tions; and any oth­er account for which there is a rea­son­ably fore­see­able risk to cus­tomers or to the safe­ty and sound­ness of the Coun­ty from Iden­ti­ty Theft, as well as auto­mat­ic deposits to the accounts of the Coun­ty employ­ees.  There will be a peri­od­ic review to deter­mine if the cov­ered accounts are still accu­rate due to any changes such as changes of address or oth­er changes which may occur relat­ing to an account.

Each type of cov­ered account will be exam­ined and reviewed for rel­e­vant Red Flags in part by considering:

(A) The meth­ods pro­vid­ed to open cov­ered accounts;

(B) The meth­ods pro­vid­ed to access cov­ered accounts; and

(C) Pre­vi­ous expe­ri­ences with iden­ti­ty theft.

As part of the process, the Coun­ty will con­sid­er the rel­e­vant Red Flags pro­vid­ed by the reg­u­la­to­ry guid­ance, as well as inci­dents of iden­ti­ty theft that the Coun­ty and/or the Coun­ty cus­tomers have expe­ri­enced and applic­a­ble super­vi­so­ry guidance.