PROTECT YOUR BUSINESS - AND YOUR CUSTOMERS —
FROM IDENTITY THEFT
‘One of the keys to preventing identity theft is to
safeguard personal information within the workplace,
whether it's a business, government agency, or
nonprofit, Targets for identity thieves include SSNs,
driver's license numbers, financial account numbers,
PINs, passcodes, and dates of birth. Here are some
strategies to use in your business to reduce the
possibility of intentional or inadvertent disclosure of
employee or customer/client personal. information
which might open your business or you personally to
an action for such release or failure to safeguard:
+ Store and encrypt sensitive personal data in
secure computer systems, Make sure wireless
connections are password-protected. Hard copies of
documents should be stored in secure spaces such as
locked file cabinets, and data should only be
available to qualified persons.
+ Dispose of documents properly. SHRED,
SHRED, SHRED. “Wipk onic files; destroy
‘old computer drives and CD's or other electronic
storage devices before simply throwing them away.
Most stated have enacted some type of document
destruction law. ‘The federal Fair Credit Reporting
‘Act (FACT) has a provision on document disposal
(section 216). Place shredders around the office,
near printers and fax machines, and near waste
baskets. Use cross-cut (confetti) shredders rather than
rip-shredders. Make sure dumpsters are locked and
inaccessible to the public.
+ Conduct regular staff training and sereening,
including screening new employees, temporary
employees, and contractors, and stress the need for
proper information safety procedures. Perform your
own investigation by conducting spot checks on
proper information handling. Reward employees and.
departments for maintaining “best practices.”
Importantly, conduct background checks on
employees (especially for individuals who have access
to personal information) and outside contractors such
as cleaning services, shredding services, and other
outside contractors.
ja display and disclosure. Do not print
full SSNs on paychecks or other business
documents. Do not print SSNs on mailed
documents; do not require that they be
transmitted via the Internet unless allowed by
law.
+ Safeguard mobile devices that contain sensitive
personal data, such as laptops, Blackberries,
PDAs, and mobile phones. These are a favorite
target of thieves.
+ Regularly audit compliance with all
information-handling practices and privacy
policies
In summary, everyone from the mail clerk to the
CEO must make it their business to handle personal
information responsibly in the workplace. Don't make
the workplace a breeding ground for identity theft
More importantly, don’t allow your business - or you
personally - to become liable for a claim by an
employee or customer/client due to the inadvertent
release (or intentional theft) of valuable personal
information.
ROBERT. SCHILLBERG, JR is a member of EMACC ands anatomey
Ieensed in New Jersey and New Yor. with an office in Red Bank. Neve
Jersey, praccing primaniy nthe areas of business and corporate aw, cul
lingaton, muneipa’ court ana resigenvaveommercia eal estate