July 25, 2006

Members of the University Community:

We are pleased to announce a new universitywide policy, the Identity Theft Compliance Policy 50.3.9, which is now available at the University Policy Library web site (http://policies.rutgers.edu/PDF/Section50/50_3/50.3.9.pdf ).

This new policy has been developed to ensure university compliance with the New Jersey Identity Theft Prevention Act, which went into effect January 1, 2006. Over the past several months, a committee representing key service areas met to review similar policies at other institutions and to draft a policy for Rutgers to ensure compliance with appropriate laws and regulations.

The policy provides assistance in both the prevention and detection of identity theft by outlining responsibilities and guidelines for collecting, retaining, and restricting access to personal information.  It also specifies that any breach of security or compromise of systems containing personal information must be reported immediately to the Office of Information Protection and Security (IPS) and the local unit head. Immediate reporting is especially important, since the law stipulates that affected individuals should be notified in a timely manner. 

The Identify Theft Reporting Guidelines provide further background on the communication steps and responsibilities in determining whether a security breach requires notification. Please visit http://oit.rutgers.edu/documents/ID_Theft_Guide.pdf to view the guidelines.

It is most important that we follow this policy consistently across the university to ensure Rutgers compliance. Please review the policy and guidelines carefully. Questions on the policy and guidelines may be directed to rusecure@rutgers.edu.

Thank you for ensuring compliance with the new law.

Sincerely,

Philip Furmanski                                            Jeff Apfel
Executive Vice President                                Senior Vice President for Administration
for Academic Affairs                                       and Chief Financial Officer