Collections Agencies


What do I have to do?

Designate a qualified individual to implement and supervise your company’s information security program.

Conduct a risk assessment.

Design and implement safeguards to control the risks identified through your risk assessment.

Regularly monitor and test the effectiveness of your safeguards.

Train your staff.

Monitor your service providers.

Keep your information security program current.

Create a written incident response plan.

Require your Qualified Individual to report to your Board of Directors.