The Workplace Identity Thieves
Wednesday - June 07, 2006
The front line in the battle against identity theft is the employers. The reason is simple. Employment records contain just about everything an identity thief could want to know about an individual. Employers should be very interested in protecting employee information, because they could be held liable for failing to take proper care of sensitive information.
A recent ruling in Michigan awarded huge financial compensation to individuals whose identities were stolen, because their union neglected to safeguard their Social Security and driver’s license numbers. The ruling is sure to create national awareness, because it made the “caretaker” of personal information liable for its safety and misuse.
You have to give the health insurance business a lot of credit for moving quickly to protect patients’ privacy, security and data. This protection came with the passage of the Health Insurance Portability and Accountability Act (HIPAA). Most people are familiar with this law, which requires privacy protection of any information through which individuals could be identified, including any health information handled by the company, your health-care provider, or a third-party administrator.
Getting back to the workplace, why should employees be concerned? In two words, payroll records. Payroll is especially vulnerable to identity theft because many employers outsource their payroll obligations. For that reason, it is incumbent on the employers to check with their outside service providers and software vendors to make sure they have adequate protections in place.
At a recent convention of the The American Payroll Association, an official from the Federal Trade Commission’s division of planning and information cited an example of a large employer who hired a temporary employee to help with an unexpected payroll overload. The temporary employee brought in a backpack to work one day, loaded it up with printouts and was never seen again. The consequence was immediate, because the stolen information appeared up and down the entire East Coast. It was later revealed that the information was sold to identity theft gangs. It’s scary that they are that organized.
Many employers are now encrypting their employee records. Under the circumstances it makes good sense, since massive liability is a distinct possibility. The whole problem of identity theft has to fall on someone, and the likely challenge belongs to a company’s human resource manager or whoever is stuck with the responsibility.
That creates another headache, because studies show anywhere from 50 percent to 70 percent of identity theft occurs at work. The record shows employees steal information, just as merchandise is sometimes stolen. It’s interesting to note that the experts in thwarting identity theft have been able to determine that, in most cases, the identity thief is a contract worker or a temporary employee in an entry-level position, that it is rarely a one-person crime and more often than not, it involves a network.
Employees can help themselves by locking their desks, removing Social Security numbers from personal papers, moving fax machines to secure areas, not leaving sensitive papers on their desks and spending a few bucks for a hefty cross-cut paper shredder.
It was nice to hear that the Legislature passed six bills this session dealing with identity theft. The governor promptly signed them all into law, so now the real task of stopping or slowing down identity theft proceeds in a safe and secure manner.
E-mail this story | Print this page | Comments (0) | Archive | RSS Comments (0) |
Most Recent Comment(s):