FTC Red Flags Rule compliance with message encryption

Oct 20 2009

With the deadline for compliance with the Federal Trade Commission's (FTC) Red Flags Rule looming, one Colorado Internet company is providing a simple solution -- encrypt your messages.

"For everyday written communications, email is of course the standard way to send messages over the Internet. When a message contains confidential information, you need to encrypt it," says Jon Lybrook, Chief Developer and CEO of WordSecure, LLC of Boulder, Colorado.

The Red Flags Rule, an FTC regulation, requires businesses in every industry to protect customer financial data and institute best practices to discourage identify theft, or be held liable. In banking and other industries, compliance requires large companies to make an enormous investment and procedural upgrades, but there are ways smaller companies can comply with the ruling simply and affordably.

One approach is to subscribe to a software service compliant with the Red Flags Rule and Health Insurance Portability and Accountability Act (HIPAA), and which allows businesses and their customers to communicate directly with one another over an encrypted Internet connection. WordSecure (https://wordsecure.com), which has been on the market since 2007, was created to provide these services. "The developers of WordSecure take the HIPAA requirements seriously," says Todd Walker, president of Comprehensive Healthcare Advisors, LLC, in Columbus, Ohio. "WordSecure exceeds many aspects of the security rule requirements. It will also help my healthcare clients meet their obligations under the Red Flags Rule by offering a safe and secure means of exchanging payment information."

Standard email, while appropriate for most business communication, does not encrypt messages, so such email and any attached files can be intercepted and read by just about anyone with a laptop and a basic knowledge of computer networks. In some cases business owners can be held liable when that happens.

"Sending a private document as an email attachment is like running with scissors. Eventually you'll be sorry," says Tom Rouse, owner of WeBeLists.com and an eleven-year veteran of a bulk email delivery service based in Boulder, Colorado. "Many small businesses are not aware of the necessity for meeting compliance standards, or are frantically searching for a solution that is fast, easy, and economical. WordSecure meets all those criteria."

The Red Flags Rule takes effect November 1, 2009.

SOURCE: WordSecure, LLC