Identity Protection

Location: Scotts Valley, CA, United States

Sunday, June 19, 2005

Facts about FACTA, Or What Does FACTA Mean to You and Your Company

Facts About FACTA, Or What Does FACTA Mean To You And Your Company

By Steve Mueller

Ever heard of FACTA? Most of us would say “No”. Have you heard that you can get a free credit report? To that we would say, “Yes”. So you have heard of FACTA. But how does that affect me?

FACTA stands for Fair and Accurate Credit Transaction Act. The law went into effect Jan. 1, 2005. FACTA is the law which allows all Americans access to their credit report once per year. So what does that have to do with you?

On June 1, 2005, a new provision of FACTA went into effect. It says that any employer (even if you only employ one person) whose action or inaction results in the loss of employee information, can be fined by federal and state government, and sued in civil court.

Bet you didn't know that. But you need to know, and need to know what you can do to protect yourself.

Small Businesses will be affected the most.

‘"A small businessman who makes a mistake could bear the brunt of a regulation like this," says James Plummer, policy analyst at Consumer Alert, a non-profit group that focuses on a free-market approach to consumer regulations.’

If you don't shred and information gets out, there are penalties. But what if you do shred all potential employee information, and take all necessary precautions to protect your past, current, and future employees’ identities, and the information still gets out somehow? Under FACTA, you could still be held responsible.

You may not think information theft could happen to you, but neither did a lot of companies, universities, government institutions, and businesses that have had employee or customer information stolen from them that have been in the news lately:

Lexis Nexis
University of Northern Colorado
California State University (Chico)
University of California – Berkeley
University of Maryland
Las Vegas Department of Motor Vehicles
Bank of America
Choice Point
Weld County (CO) Employees (information stolen by an inmate while in jail)

How can you, as an employer, minimize your liability?

There are hundreds of things you can do to minimize liability, which are probably things you already do. Document shredding, careful screening of employees who will be coming into contact with personal information of customers and employees, physically locking file drawers with sensitive information, and setting up firewalls on computer equipment connected to the Internet, among hundreds of other solutions, are all good ideas.

As Ben Franklin said, “An ounce of prevention is worth a pound of cure”, is definitely the case when it comes to securing personal information. However, no matter what prevention steps you take, there is no 100% effective way to be sure that employee’s information won’t be compromised. Even if the information doesn’t get out from your company, an employee can claim that it did.

That's a scary thought! What if an employee claims that their information was stolen through the actions of your company, but there’s no real proof to back it up? You will end up hiring (or using) an attorney to represent and defend you and your company in court. At $200 - $400/hour for most attorneys across the United States, how long can you afford to defend your company?

So what can you do?

One solution that would at least provide an affirmative defense against the fines, fees, and lawsuits you could incur as an employer, is to offer some sort of Identity Theft protection as a benefit to your employees.

As an employer, you can choose whether or not to pay for this added benefit. However, the most important thing you can do is to make the protection available, and have an employee meeting, to help employees understand Identity Theft and the protection that you are making available to them. When you make the protection available, and when your employees have been educated on the dangers of Identity Theft, they can either elect to have identity theft coverage as a benefit, or they can decline the coverage as a benefit.

If the employee has Identity Theft coverage and becomes a victim, it is beneficial to your business, because an employee with Identity Theft coverage will be notified immediately of the theft, spend less time, less money, and will experience less frustration while trying to have their information restored. This will get them back on the job and focused on work more quickly.

If the employee declines the coverage, and later claims that the information was stolen as a result of you or your company’s actions, you have a piece of paper, with their signature, saying that they attended the presentation and declined the coverage.

Choosing to not make Identity Theft coverage available leaves you exposed to an unlimited dollar amount that you can be sued for under civil liability, federal fines of up to $2,500.00 per employee per incident, and state fines of up to $1,000.00 per employee per incident.

Recommended course of action? Have a benefits consultant who offers an Identity Theft protection plan present to your employees. Help them set up a 20 minute presentation with your employees, and make it mandatory that all employees attend. You want your employees to be protected from this awful crime. If they choose not to be, but you’ve given the option of being protected, then the liability becomes theirs, not yours, when they become a victim of identity theft.

About the Author: Steve Mueller has over 25 years of human resource experience. He has worked in various fields of human resources; as a Trainer for Cooper Industries, Compensation and Management Development Manager for Zenith Electronics, Plant Personnel Manager for a motor manufacturing company and Benefits Manager for a multi-location distribution company. Steve holds a bachelors of science degree in education from Pittsburg State University. He has taught numerous adult education classes and seminars in the community. Steve has received community service awards for his participation in elementary school child safety programs.


Note: To find out How to Protect Yourself visit:

Thursday, June 02, 2005

Stolen PC Had Credit-Card Data For 80,000 Government Workers

Stolen PC Had Credit-Card Data For 80,000 Government Workers

May 31, 2005; Page A4

WASHINGTON -- Federal and local authorities in Fairfax, Va., are investigating the recent theft of a computer containing the credit-card information of 80,000 Justice Department employees. Authorities learned about three weeks ago that the computer had been stolen from Omega World Travel, of Fairfax, which is close to Washington.

The Justice Department has been notifying employees and asking them to monitor their accounts and cancel the government-issued credit cards if they notice suspicious activity.

The Federal Bureau of Investigation and Fairfax police are looking into the case. Justice Department spokeswoman Gina Talamona said there hasn't been any indication of improper activity on the cards so far. "We don't provide Omega Travel with the kind of personal identification information that's usually exploited for identity theft," she said. "No personal addresses, Social Security numbers or office locations were on the computer." The missing information includes password-protected names and credit-card account numbers. The agencies the employees work with also are included but are in code.

A federal law-enforcement agent, however, raised red flags. Many employees affected by the computer theft likely provided additional information to Omega for their traveler profiles. That information can include home addresses, telephone numbers and even passport numbers and other identifiers. "There's a lot of information on that profile," the agent said. "Between the credit cards and now this, I'll be glad if somebody doesn't end up diverting my check to their account."

J.P. Morgan Chase & Co. and Bank One Corp., which was acquired by the New York financial-services company last year, are monitoring the accounts for suspicious activity and the travel company has beefed up security precautions since the theft. Steps also have been taken to make sure the computer can't be reconnected to the company's network.

In December, Bank of America Corp., Charlotte, N.C., lost tapes containing credit-card information on 1.2 million federal employees -- including some senators on the Banking Committee -- while en route to a storage facility.