Identity Theft: Protecting Your Employees’ Identities is Good Business
by Thomas R. Kaiser Sr.
According to the Federal Trade Commission (FTC), the number one complaint consumers made in 2010 was related to identity theft[1]. There were over 250,000 complaints filed with the FTC regarding identity theft, which represented 19% of all complaints filed. Despite continued media coverage a general misconception persists that identity theft only happens to “someone else.” As a small business owner, what if that “someone else” is your own employee? And what if that theft occurred on your business premises?
Beyond the employee’s own personal lives, workplace thefts do account for a significant portion of identity theft cases each year[2]. Employers need to be conscious of these risks, and though they cannot completely protect their employees, they can (and should) take some reasonable steps to help reduce the exposure of their employee’s personally identifiable information (PII). Here are some simple steps an employer can take to minimize the risk of employee identity theft:
- Restrict personnel records (SSN, bank account, etc., etc.) to authorized HR personnel
- Ensure all authorized individuals have their own login ID and password to access databases. There should be no shared access or passwords.
- Encourage employees to lock-up personal belongings during normal working hours and if possible provide a storage locker with individual locks
- Do not allow visitors onto the sales or office floors or in other work areas without an employee escort who should remain with the visitor at all times
- Mandate that all employees lock their computer when away from their desks
- Prohibit personal mail delivery to the business
- Develop and enforce disciplinary actions for security violations involving both customer and employee PII
Employers should incorporate as many of these measures as possible. At minimum businesses should implement the following two security measures:
- As an employer there is no need to use the employees SSN as an identifier on personnel records. By eliminating the SSN from personnel record employee’s risks are reduced significantly. Additionally, most states have laws that prohibit the use of the SSN as an employee identification number, and,
- Businesses should implement risk management training and education to its employees. New hires should be trained in the company’s information security policies and current employees should reaffirm their understanding of these policies annually.
Thomas R Kaiser Sr. is a Certified Identity Theft Risk Management Specialist in the financial services industry in mortgage banking, identity theft, check fraud and insurance.
[1] FTC Releases List of Top Consumer Complaints in 2010; Identity Theft Tops the List Again (March 8, 2011) http://ftc.gov/opa/2011/03/topcomplaints.shtm
[2] Identity Theft Resource Center (ITRC) – In the Workplace Frequently Asked Questions (April 30, 2007) http://www.idtheftcenter.org/artman2/publish/c_faq/In_The_Workplace_-_Frequently_Asked_Questions.shtml
You may also enjoy reading
-
Identity Theft: Foster Children at Risk of ID Theft
I've talked before about the horrible act of stealing the identity of children. Identity thieves and sometimes even parents steal a child's unused Social Security number because it provides them with a clean credit report; the number can be used with any name and date of birth because no credit history files exist that tie it to the child's identity. There's one group of children that's at an even higher risk than others, and unfortunately these are the children who need a safe and trustworthy environment more than anyone else. ... Continue Reading
-
Identity Theft: The Best Tool for Cleaning Up an Identity Mess, and Why it May Not Be Available to You
Falling victim to an identity thief is more than just inconvenient; it can be downright traumatizing. Aside from the initial shock and surprise that occurs when you first realize you’ve been targeted; the most difficult aspect of dealing with your case is often figuring out just what to do; where to go, and who to speak to. Part of the process requires the consumer to reach out to the various creditors who may have been victimized by the thief’s activities to inform them of the fraudulent nature of the debts the consumer supposedly owes. ... Continue Reading
-
Medical Identity Theft – A Rising Fraud with Adverse Effects
Medical identity theft is among the most devastating and dangerous of identity-related crimes perpetrated against consumers. It occurs when someone misrepresents who they are in order to obtain health-related services. When someone steals your medical identity your Personal Health Information (PHI) can become contaminated with the thief’s medical information. This can lead to misdiagnosis and potentially put your life at risk. ... Continue Reading
-
Small Business Fraud: Does Aunt Mavis Have Her Hand in the Till?
In recognition of ACFE’s International Fraud Awareness Week (November 6-12, 2011), we offer the blog article below focusing on small business internal (occupational) fraud, which according to the ACFE's 2010 examiners report ranks highest in frequency of all businesses at 31%. Mavis Farquar is a bookkeeper for a small business. She’s been an employee for 25 years. She has attended every baby shower, wedding, graduation and bar (and bas) mitzvah and a few funerals of the owners’ and other employees’ families. ... Continue Reading
-
Identity Theft: When a Child is Using a Parent’s Identity
It’s a parent’s nightmare to find out their child is a thief. Discovering the target is you can be the beginning of an emotional roller coaster that includes denial, anger, feelings of betrayal, and confusion. You may find yourself up at nights, wondering what you did wrong. The answer is: you didn’t. Your adult child chose to take certain actions that have consequences. You did not cause them to do this. ... Continue Reading
Identity Theft: Protecting your Employee’s Identities is Good Business « learnaboutfraud said on January 28, 12 at 03:14pm
[...] Commission (FTC), the number one complaint consumers made in 2010 was related to identity theft[1]. There were over 250,000 complaints filed with the FTC regarding identity theft, which represented [...]