The City Administrator is responsible for the implementation and administration of the Program. In the event of a vacancy in the office of City Administrator, the City Clerk shall be responsible for the implementation and administration of the Program. The Program Administrator is responsible for the Program administration, for ensuring appropriate training of City of El Paso staff on the Program, for reviewing any staff reports regarding the detection of red flags, and for determining which steps of prevention and mitigation should be taken in particular circumstances and considering periodic changes to the Program.
A. This Program must be periodically reviewed and updated to reflect changes in risks to customers and the soundness of the City of El Paso from identity theft.
B. At least annually, the Program Administrator shall consider:
(1) The City of El Paso's experiences with identity theft;
(2) Changes in identity theft methods;
(3) Changes in methods for detecting and preventing identity theft;
(4) Changes in types of accounts that the City of El Paso maintains; and
(5) Changes in the City of El Paso's business arrangements with other entities.
C. After considering the factors under Subsection B, the Program Administrator must determine whether changes to the Program, including the listing of red flags, are warranted. If changes are warranted, then the Program Administrator must present the City Council with his or her recommended changes and the City Council shall determine whether to accept, modify or reject those changes to the Program.
The Program Administrator must train or direct the training of all of the City of El Paso staff who are responsible for implementing the Program. This training must include the detection of red flags and the responsive steps to be taken if a red flag is detected.
If the City of El Paso engages a service provider to perform an activity in connection with one or more accounts, then the City of El Paso shall take the following steps to ensure that the service provider performs its activity in accordance with reasonable policies and procedures designated to detect, prevent, and mitigate identity theft:
A. Require, by contract, that service providers have such policies and procedures in place; and
B. Require, by contract, that service providers review the Program and report any red flags to the Program Administrator.