|
Compliance
|
|
Written by Joe Campana
|
|
Monday, 27 April 2009 08:50 |
|
I heard a radio announcement last Friday about a non-profit organization that was sponsoring a Shred Fest at the local mall on Saturday morning. Local events like this can be an easy, free and legal way for a small business to dispose a limited quantity of sensitive documents.
I already had thousands of client records, containing Social Security Numbers, date of births, and bank or credit card account numbers, which I recently purged from our files and packed into a carton.
A Federal Law went into effect four years ago. The Disposal Rule requires businesses and individuals that possess sensitive consumer information for a business purpose to dispose of the records properly.
|
|
Last Updated on Monday, 27 April 2009 08:59 |
|
Read more...
|
|
|
Risk Management
|
|
Written by Joe Campana
|
|
Thursday, 23 April 2009 00:00 |
|
I am winding down volunteer work on a community project where privacy and information security has been a contentious issue. At the center of the picture is a custodian of sensitive electronic consumer information who is resistive to change. This custodian lacks an understanding of modern principles of privacy and information security, and the person has little more than a rudimentary understanding of computers and information systems.
Management personnel who have this knowledge gap are not uncommon--but it could be a major liability.
|
|
Last Updated on Wednesday, 22 April 2009 22:20 |
|
Read more...
|
|
Identity Theft
|
|
Written by Joe Campana
|
|
Monday, 13 April 2009 20:32 |
|
Last week I posed the rhetorical question on this blog, do they get it? Tonight I attended a county committee meeting to listen to local lawmakers debate whether or not the county should continue to display Social Security Numbers on public records through its Web site. Here is what I learned. You decide if the statement is a truth or a delusion.
|
|
Last Updated on Saturday, 18 April 2009 15:11 |
|
Read more...
|
|
Compliance
|
|
Written by Joe Campana
|
|
Friday, 03 April 2009 15:52 |
|
Identity theft continues to be a growing problem nationally and globally. Many businesses especially financial institutions and creditors have facilitated identity theft when they unknowingly conducted business with people who used false identification.
There are often two victims-the business and the legal person whose identity was misused. While the immediate impact to both is often financial, such fraud facilitates additional crimes and victimization that can take years for the victims to learn of and resolve. Most often we hear of the consumer victim, while the business victim is renounced. A new law, the Red Flags Rule, was designed to help businesses and consumers from becoming victims of identity theft.
|
|
Last Updated on Saturday, 11 April 2009 20:17 |
|
Read more...
|
|
Privacy
|
|
Written by Joe Campana
|
|
Friday, 20 March 2009 11:20 |
|
Whether you are producing or receiving account statements, what kind of "sensitive consumer information" is on the statements? Social Security Numbers (SSNs) and account numbers should not be printed, and account numbers should be truncated.
If you operate a business that prints SSNs on customer account statements, you are putting your customers at unnecessary risk of identity theft and fraud. Opportunities for unauthorized people to gain access to that sensitive information for fraudulent purposes include:
|
|
Last Updated on Saturday, 11 April 2009 20:16 |
|
Read more...
|
|
|
Information Security
|
|
Written by Joe Campana
|
|
Monday, 20 April 2009 09:51 |
|
Most states have data breach notification laws in place that require an organization to notify all potential victims when a data breach occurs. The notice provides the probable victims an opportunity to take action and to monitor their person, credit or health records as a measure to protect their good name. Unauthorized acquisition of sensitive information is the obvious definition of a breach. What if information is known to have been accessed or accessible by unauthorized persons but there is no evidence that the information was acquired?
|
|
Last Updated on Monday, 20 April 2009 09:55 |
|
Read more...
|
|
Identity Theft
|
|
Written by Joe Campana
|
|
Tuesday, 07 April 2009 11:16 |
|
Some do, most don't. I've been educating consumers, business people, journalist and legislators on this topic since 2003 and little has changed with respect to consumer understanding of identity theft in over five years.
Identity theft like many diseases has a range of effects from mild to deadly. Also like many diseases, the risk can be decreased by education and lifestyle changes. Many people confuse identity theft and credit card or bank fraud not unlike the confusion between dementia and Alzheimer's disease.
|
|
Last Updated on Saturday, 11 April 2009 20:17 |
|
Read more...
|
|
Privacy
|
|
Written by Joe Campana
|
|
Monday, 30 March 2009 13:36 |
|
Assume for a moment that you operate a family run mortgage company or a small independent hometown bank. For convenience, you keep a digital copy of mortgage or other financing documents on your computer system. One day, a friendly person discovers that the digital documents have been easily accessible through the Web.
Any legal or compliance professional would advise you to secure the information immediately so it is no longer Web accessible. They would advise you to comply with the breach notification laws in each state in which your clients, whose records were at risk of being exposed, reside. Breach notification laws in general, require the official notification of all of the probable victims of the breach.
|
|
Read more...
|
|
Identity Theft
|
|
Written by Joe Campana
|
|
Wednesday, 18 March 2009 17:18 |
|
The Federal Trade Commission recently reported that identity theft complaints increased 20% in 2008 compared to 2007. Reports from Wisconsin residents soared almost 30%.
The number one identity theft prevention tip is "Protect your Social Security Number."The FTC, FBI, State of Wisconsin Offices of Privacy Protection and Attorney General all heed the same irrefutable advice. Yet, local governments, particularly counties including Dane, facilitate Web access to our Social Security Numbers (SSNs) to anyone on the planet?
|
|
Last Updated on Saturday, 11 April 2009 20:15 |
|
Read more...
|
|
|
|
|
<< Start < Prev 1 2 3 4 5 6 7 8 Next > End >>
|
|
Page 2 of 8 |
