Protect Your Company with Reasonable Security Steps
By Doyce Tarkington, CITRMS / Little Rock
Identity Theft is the fastest growing crime in the world today. The Federal Trade Commission (FTC) reported just over 31,000 complaints of identity theft in 2000. That number rose to almost 314,000 in the last eight years. In Arkansas, identity theft rose 29 percent in 2008. In Northwest Arkansas, the city of Rogers Police Department reported 90 cases of identity theft last year and has 48 cases on the books so far this year.
How do your protect your company? Make a safeguarding plan and work it.
According to the FTC, a reasonable security program has to include the following components:
• a designated employee or employees to coordinate and be accountable for the information security program
• employee training concerning the risk of identity theft in the workplace
• the design and implementation of reasonable safeguards
• evaluation and adjustment according to testing and monitoring of the program
The FTC has developed a guide for businesses to follow called, Protecting Personal Information: A Guide for Business, available at www.ftc.gov.
In addition to FTC requirements, state laws help protect individuals from identity theft. The Fair and Accurate Credit Transaction Act of 2003 (FACTA) and FACTA Red Flag Rules were created as a series of steps business and reporting agencies can implement to help deter identity theft. The Health Insurance Portability and Accountability Act (HIPAA) was set in place to protect the health care industry. The Gramm-Leach-Bliley Act governs financial institutions. The FTC’s Red Flag rules requiring businesses to develop and implement written identity theft programs became enforceable as of August 1, 2009.
Doyce Tarkington is a Certified Identity Theft Risk Management Specialist (CITRMS and has been a provider of Prepaid Legal Services for more 10 years. He can be reached at dltarkington@prepaidlegal.com
