I Want To Departments & Agencies
News Events Employment Language

Human Resources Department

Employee Resources
County Of Sonoma Administrative Support & Fiscal Services Human Resources Employee Resources Administrative Policy Manual Section VII Prevention and Mitigation of Identity Theft
Employee Resources

6-5 Identity Theft Prevention Program

County Administrator's Office

Return to Identity Theft Prevention Program Table of Contents

Approved: Board of Supervisors                                                          
Authority: Board of Supervisors and Board of Directors, Community Development Commission                                                                                    Revised Date: July 21, 2009

What’s on this Page

Section VII. Prevention and Mitigation of Identity Theft

  • Existing Accounts
  • New Accounts

Read Next: Section VIII and IX

VII. Prevention and Mitigation of Identity Theft

Existing Accounts

  1. In the event that any County or SCCDC employee responsible for or involved in restoring an existing covered account or accepting payment for a covered account becomes aware of red flags indicating possible identity theft with respect to existing covered accounts, such employee will use his/her discretion to determine whether such red flag or combination of red flags suggests a threat of identity theft. If such employee determines that identity theft or attempted identity theft is likely or probable, such employee will report such red flags to his/her immediate supervisor. If such employee deems that identity theft is unlikely or that reliable information is available to reconcile red flags, the employee will convey this information to his/her supervisor who may in his/her discretion determine that no further action is necessary. If it is determined that further action is necessary, the County or SCCDC employee will perform one or more of the following responses, as determined to be appropriate by his/her supervisor:
    1. Notify the customer regarding the information that indicates the threat of identity theft;
    2. Close the account;
    3. If applicable, cease attempts to collect additional charges from the customer and decline to sell or transfer the customer’s account to a debt collector in the event that the customer’s account has been accessed without authorization and such access has caused additional charges to accrue;
    4. If applicable, notify a debt collector of the discovery of likely or probable identity theft relating to a customer account that has been sold to or is being serviced by such debt collector in the event that a customer’s account has been transferred to a debt collector prior to the discovery of the likelihood or probability of identity theft relating to such account; 
    5. In the event that someone other than the customer has accessed the customer’s covered account causing additional charges to accrue or accessing personal identifying information, notify the Department Director or the Director’s designee (for the County) or the Executive Director (for the SCCDC). The Department Director, the Director’s designee, or the Executive Director will then determine whether further notifications to the County Administrator’s Office, County Counsel’s Office and/or the appropriate law enforcement department are warranted under the circumstances; or
    6. Take other appropriate action to prevent or mitigate identity theft.

New Accounts

  1. In the event that any County or SCCDC employee responsible for or involved in opening a new covered account becomes aware of red flags indicating possible identity theft with respect to an application for a new account, such employee will use his/her discretion to determine whether such red flag or combination of red flags suggests a threat of identity theft. If such employee determines that identity theft or attempted identity theft is likely or probable, such employee will report such red flags to his/her immediate supervisor. If such employee deems that identity theft is unlikely or that reliable information is available to reconcile red flags, the employee will convey this information and determine that no further action is necessary. If further action is necessary, the County or SCCDC employee will perform one or more of the following responses, as determined to be appropriate by his/her manager:
    1. Request additional identifying information from the applicant;
    2. Deny the application for the new account; 
    3. Notify the Stakeholder Department Director, the Director’s designee, or the Executive Director, as appropriate, who will then determine whether further notifications to the County Administrator’s Office, County Counsel’s Office and/or the appropriate law enforcement department are warranted under the circumstances; or
    4. Take other appropriate action to prevent or mitigate identity theft.

Back to top