By Terry Dortch
Auto dealers are attractive candidates for failure to protect consumer financial information, and are being targeted by both the Federal Trade Commission — responsible for ensuring this protection — and identity thieves, who’ll seemingly try anything to get this information.
Recent FTC actions against a dealership make clear:
- Your dealership is deemed a financial institution and is no longer flying under the FTC’s radar – it is now a bright light
- Your dealership is certainly an attractive beacon on the radar of criminal elements who seek your financial and customer information
“If your idea of financial compliance is the issuance of a privacy statement, and a written document you created or bought five years ago, then you are playing Russian roulette with the FTC and identity thieves,” says Terry Dortch, President of Automotive Compliance Consultants.
The FTC alleged that one dealership failed to take reasonable safeguards to protect and secure customer information when the information of approximately 95,000 customers was compromised and made available on a P2P network.
The FTC said this dealership failed to:
- Assess risks to the consumer personal information it collected and stored on line.
- Adopt policies to prevent or limit the extent of unauthorized disclosure of personal information.
- Use reasonable methods to prevent, detect and investigate unauthorized access to personal information on its networks.
- Adequately train employees about information security.
- Employ reasonable measures to respond to unauthorized access to personal information.
How does your dealership network security compare to dealerships that have been flagged by the FTC for failing compliance standards?
Automotive Compliance Consultants specializes in dealership compliance, providing in-dealership consultations and analysis, compliance audits, training and solutions for all compliance needs. For more information, contact Terry Dortch at [email protected] or visit www.compliantnow.com.