IDENTITY THEFT 2015
Fact, Fiction and Safeguards...
Welcome to…
Presented by
Paul L. Kennedy
Certified Identity Theft Risk Management Specialist
For yesterday, today and tomorrow….. We can help solve your problems
“Identity theft is the only crime where you are guilty until proven innocent.”
What is Identity Theft?
Five Common Types of Identity Theft
• Drivers License Identity Theft
• Medical Identity Theft
• Financial Identity Theft
• Social Security Identity Theft
• Character / Criminal Identity Theft
Identity Theft is not just Credit Cards!
ID Theft is an international crime and access to an attorney may be critical...
Jan 2005 - December 2014: 923,729,111* records lost or stolen in the workplace (reported cases only)
*privacyrights.org
Alberta Venture (Business Journal) 10/2005
They’re not after your money, your equipment, or your inventory.
The Identity Thief wants the personal information you keep on employees, customers & vendors.
And if you lose it, you’ll wish they went for the cash.
The Cost of Identity Theft
Employees can need up to 600 hours, mainly during business hours, to restore their identities.
“If you experience a security breach... 20% of your customers will no longer do business with you, 40% will consider not doing business with you and 5% will be hiring lawyers!”
Needless to say… referrals will come to a screeching halt.
*CIO Magazine, The Coming Pandemic, Michael Freidenberg, May 15th, 2006
An Overview of FACTA:
• FACTA was signed by President Bush on December 4, 2003.
• The provisions of the law have been phased in over the past few years, and all are now in effect.
However, these new provisions also create serious new responsibilities – and potential liabilities – for businesses nationwide. Simply put, if data aiding an identity theft originates from a security breach at your company, you could be sued, fined, or become a defendant in a class-action lawsuit by affected employees whose personal information has somehow gotten out.
The High Cost of Identity Theft to Business
• Civil liability. An employee could be entitled to recover actual damages sustained if their identity is stolen from an employer. Or, an employer could be liable for statutory damages for up to $1,000 per employee.
• Class action lawsuits. If large numbers of employees are impacted, they may be able to bring class action suits and obtain punitive damages from employers.
• Federal fines. The federal government could fine a covered business up to $2,500 for each violation.
Who Does FACTA Affect?
This law applies to any business, regardless of size, that collects personal information or consumer reports about customers or employees to make decisions within their business (including names, credit card numbers, birthdates, home addresses and more).
Now What? It’s Time to
Develop a Plan!
According to the FTC, a “reasonable” plan to safeguard personal information includes:
• Designating an employee (or employees) to coordinate and be responsible for the security program.
• …..including employee training….
• Continually evaluating and adjusting the security plan…..
• Creating a mitigation plan…..This mitigation plan should kick in when there is a privacy or security breach and there is a need to “repair it” immediately in the eyes of customers, government regulators, and management.
Federal Trade Commission - Bureau of Consumer Protection - Division of Consumer & Business Education
New ‘Red Flag’ Requirements for Financial Institutions
and Creditors will Help Fight Identity Theft
A creditor is any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew, or continue credit.
Creditors include finance companies, automobile dealers, mortgage brokers, utility companies, and telecommunications companies. Where non-profit and government entities defer payment for goods or services, they, too, are to be considered creditors.
A covered account is an account used mostly for personal, family, or household purposes, and that involves multiple payments or transactions. A covered account is also an account for which there is a foreseeable risk of identity theft.
Federal Trade Commission
June 2008
For The Consumer
ftc.gov
1-877-FTC-HELP
Complying with the Red Flag Rules
Under the Red Flags Rules, financial institutions and creditors must develop a written program that identifies and detects the relevant warning signs — or “red flags” — of identity theft.
The program must also describe appropriate responses that would prevent and mitigate the crime…..
The program must be managed by the Board of Directors or senior employees
…include appropriate staff training, and provide for oversight of any service providers.
Privacy and Security Laws
These laws require businesses to:
♦ Appoint, in writing, an Information Security Officer
♦ Develop a written plan and policy to protect non-public information for employees and customers
♦ Hold training for all employees
♦ Oversee service provider arrangements
Be Sure To Check With Your Attorney On How These Laws May Specifically Apply To You
FACTA Red Flag Rules
These rules also provide that covered accounts, creditors and businesses must also ensure their service providers and subcontractors comply and have reasonable policies and procedures in place. The rules state:
♦ Liability follows the data.
♦ A covered entity cannot escape its obligation to comply by outsourcing an activity. Businesses must exercise appropriate and effective oversight of service provider arrangements.
♦ Service providers and contractors must comply by implementing reasonable policies and procedures designed to detect, prevent and mitigate the risk of identity theft.
♦ Contractors with whom the covered accounts exchange personally identifiable information (PII) are required to comply and have reasonable policies and procedures in place to protect information.
Be Sure To Check With Your Attorney On How This Law May Specifically Apply To You
THANK YOU
Pre-Paid Legal Services®, Inc.
Paul L. Kennedy, CITRMS
Certified Identity Theft Risk Management Specialist
