A new policy approved by Meadville Area Water Authority on Monday night is designed to help protect customers against identity theft. However, it isn’t a change that the customers themselves are likely to notice, according to Project Manager Don Nold.

The identity theft policy brings MAWA into compliance with the federal Identity Theft Red Flags Rule. Part of the Fair and Accurate Credit Transaction Act of 2003, the rule requires organizations described as “financial institutions and creditors” to develop and implement written identity theft prevention programs.

And what, an alert reader might ask, would that have to do with MAWA?

On Nov. 9, 2007, the Federal Trade Commission, Federal Deposit Insurance Corp., Federal Reserve Board, Office of the Comptroller of the Currency, Office of Thrift Supervision and National Credit Union Administration finalized the Identity Theft Red Flags regulations and guidelines. The final rule became effective Jan. 1. However, covered financial institutions and creditors weren’t required to comply for another 10 months. Until Saturday, to be exact.

In an Oct. 31, 2007, press release, the FTC noted the final rules require “each financial institution and creditor that holds any consumer account” to develop a program that will “identify relevant patterns, practices and specific forms of activity that are ‘red flags’ signaling possible identity theft and incorporate those red flags into the program; detect red flags that have been incorporated into the program; respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and ensure the program is updated periodically to reflect changes in risks from identity theft.”

In the Fall 2008 issue, a newsletter from Pennsylvania Rural Water Association advised its members that utilities are indeed covered under the FTC’s new federal mandate. That’s because the regulation’s definition of “creditor” includes “any entity that regularly extends, renews, or continues credit.”

Working from models provided by both National Rural Water Association and American Water Services, which operates MAWA’s facilities on behalf of the authority, a plan was formulated in time for approval from authority members before the deadline.

“Most of the stuff we’re already in compliance on,” Nold said. Internal procedures include checking driver’s licenses and leases (in the case of rental units) before opening new accounts.

Utilities weren’t the only ones caught off-guard. For example, a letter to the FTC dated Sept. 24 and signed by more than two dozen professional medical associations objected to the position taken by FTC staff attorneys that physicians are “creditors” and therefore subject to the red flags rule if they don’t require full payment up front at the time they see patients. This would also apply to physicians who accept insurance if the patient is ultimately responsible for medical fees, including co-pays, deductibles or services not covered by insurance.

Noting that some industries and entities within FTC jurisdiction “have expressed confusion and uncertainty about their coverage under the rule,” on Oct. 22, the FTC announced that enforcement of the rule to entities under its jurisdiction will be delayed by six months, until May 1, 2009.

Mary Spicer can be reached at 724-6370 or by e-mail at mspicer@meadvilletribune.com.