Identity Theft in the Workplace  -  Employer Liability

State and Federal Laws

State and Federal Laws mandate that employers take the necessary steps to protect the non-public information (NPI) they collect.  The laws further require employers to monitor the compliance efforts of their service providers who have access to their data, premises and vehicles transporting data to ensure they are also taking reasonable measures to protect the employers NPI.

Secure Your Data Trail

Employees and service providers are the weakest links in protecting and securing your data.  Data breaches cost companies an average of $5 million per incident in direct costs according to a recent study by the Ponemon Institute. Business reputations are on the line when faced with a data breach and victims often cut ties with the companies that compromised their private information.
 

Employees may bring class-action suits against employers

Employees may  bring class-action suits against employers for actual and punitive damages. In addition, federal fines of up to $2,500 per employee, and state fines of up to $1,000 per employee also may be levied due to a new provision of the Fair and Accurate Credit Transactions Act (FACTA) which recently took effect. It states that any employer whose action or inaction results in the loss of employee information can be fined by federal and state government, and sued in civil court.

Attorneys are trolling the internet

Attorneys are trolling the internet advertising for victims of identity theft.  Hundreds of cases are underway against employers whom they believe have been negligent in safeguarding customers and/or employees private data.  Their ads include language i.e.;  “Free identity theft assistance, experienced lawyers on your side, free identity theft case review, click here…..The law professionals of our firms are on your side if your rights have been violated, we will fight to recover what your are entitled to”.  An identity theft lawsuit is very expensive and almost impossi

Identity Theft Protection As An Employee Benefit

One solution that provides an affirmative defense against potential fines, fees, and lawsuits relating to identity theft in the workplace is to offer some sort of identity theft protection as an employee benefit. An employer can choose whether or not to pay for this benefit. The key is to make the protection available, and have a mandatory employee meeting on identity theft and the protection you are making available, similar to what most employers do for health insurance.
 

Identity Theft Safety Program

NPI Compliance Consulting Group will provide no direct cost compliance assistance to companies who employ ten or more persons.
 
Our Identity Theft Safety Program Includes:
 
Step One:
Twenty minute power point presentation which will inform and educate your managment team on the latest Federal and State identity theft regulations.
 
Step Two:
We will provide your company with necessary compliance documents at no cost. 
 
Step Three:
FTC mandated Identity Theft Training for your workforce.  
 
Step Four:
Offer the leading identity theft protection and restoration plan to your employees as a payroll deducted voluntary employee benefit (to help mitigate company losses and reduce the possibility of lawsuits by employees in the face of a data breach). 
 
Step Five:
Assist in securing your Data Trail.  Your vendors  will be requested to provide your company with a letter or compliance certificate confirming that they are in compliance with the new identity theft laws.  
 
Step Six:
Your company will receive a Completion Certificate and window decals representing your company’s commitment to safeguarding customer and employee data.
 
Step Seven:
Upon completion of your initial Identity Theft Safety Program you will receive a comprehensive notebook of the latest FTC compliance and safeguard standards to help your company continue your commitment of creating a “culture of security” in your workplace.

Identity Theft Regulations


  1. FACT Act (FACTA)

  2. Red Flag Rules

  3. GLB Act  (Gramm Leach Bliley)

 
Who must comply:
You are considered a financial institution under these laws if you use consumer reports or provide credit, or use third party financing, or accept credit cards or:


  1. Employ one or more persons

  2. Store Consumer Reports

  3. Conduct Credit Checks

  4. Use, gather or obtain NPI for any purpose

-------------------
“The FTC will act against employers who fail to protect the non-public information they collect”
….Betsy Broder
 Federal Trade Commission
 

------------------
Subscribe to our Free Newsletter:
www.scamhotline.com
Hard copies are available for your employees, customers, and members. Click here to request copies.
------------------
 
“It’s too easy to get to data no matter what the key is, from insiders, hackers, or mistakes”
….Jody Westby,
Head of Security
Price Waterhouse Coopers, LLC
 ------------------
Related Links:
 
www.privacyrights.org
www.ftc.gov