City of Dover
Delaware
Delaware
LEGISLATIVE, FINANCE AND ADMINISTRATION COMMITTEE
The Legislative, Finance, and Administration Committee meeting was held on March 23, 2009, at 6:00 p.m. with Chairman Slavin presiding. Members present were Mr. Salters, Mr. McGlumphy, Mr. Shevock, and Dr. Jones. Members of Council present were Mr. McGiffin, Mr. Leary, and Mr. Hogan. Mayor Carey was also present.
AGENDA ADDITIONS/DELETIONS
Mr. Salters moved for approval of the agenda, seconded by Mr. Shevock and unanimously carried.
REVIEW AND RECOMMENDATION - FILLING CRITICAL POSITIONS
During their meeting of February 23, 2009, members recommended approval of the Hiring Freeze for Fiscal Year 2008-2009, but to allow the hiring of critical positions through the review and approval of the Legislative, Finance, and Administration Committee and City Council. It was suggested that there be a “standing” agenda item to consider the filling of critical positions and, if there are no positions to consider, the item could be removed.
Mr. Slavin noted that there were no critical positions to be considered; therefore, no action was required of the committee.
IDENTITY THEFT PREVENTION POLICY
During their meeting of November 10, 2008, members reviewed a Presentation of the City of Dover Identity Theft Prevention Policy. It was staff’s intention to revise the policy to be more specific to the City of Dover.
Mrs. Terry Tieman, Senior City Administrator, provided members with the revised City of Dover Identity Theft Prevention Policy and explained that the FACT ACT (2003) was passed to set standards for guarding customer information. It took effect January 1, 2008; however, entities covered by the rule have until May 1, 2009, to implement programs to comply with the rule. The rule requires creditors (which includes utilities or any entity that would process payments and establish ongoing accounts) to establish identity theft prevention programs for covered accounts. On November 1, 2007, the red flags (patterns or particular specific activities that indicate possible risk of identity theft) were added to hold businesses liable for the prevention, detection and mitigation of identity theft.
Mrs. Tieman stated that the FACT Act requires the City to develop a privacy policy; identify red flags; perform a needs assessment; document choices for mitigation; use best practices for record disposal; document employee training; document employee screening; form a privacy committee; document procedures for handling a breach in security; document procedures for handling address discrepancies; document procedures for handling a customer’s request for information; document internal and external IT security procedures; document complaints; perform yearly assessments; and compile annual reports for internal purposes.
Mrs. Tieman indicated that the Federal Trade Commission enforces the FACT Act. Punitive fines are expected to represent the degree of negligence and total loss; therefore, the City must demonstrate “reasonable security” of its customer’s information.
Mrs. Tieman advised members that the Privacy Committee began holding meetings in October to review the City’s current policies and procedures. The Committee also identified red flags, performed needs assessments, and reviewed procedures for handling a breach in the security of customer information.
Responding to Mr. Salters, Mrs. Tieman stated that the Administrative Services Department has begun training on the proper handling of documentation to protect an individuals identity. She also indicated that the City is considering purchasing privacy screens for computers to help prevent identity theft.
Mr. Salters moved to recommend approval of the Identity Theft Prevention Policy (Attachment #1), as recommended by Staff. The motion was seconded by Dr. Jones and unanimously carried.
Mr. Shevock moved for adjournment, seconded by Mr. McGlumphy and unanimously carried.
Meeting Adjourned at 6:07 P.M.
Respectfully submitted,
Timothy A. Slavin
Chairman
TAS/RR/ac
S:ClerksOfficeAgendas&MinutesCommittee-Minutes20093-23-2009 LF&A.wpd
Attachment:
Attachment #1 - City of Dover Identity Theft Prevention Policy