Thursday, December 3, 2009

Two Important Stories

These two stories although seemingly unrelated, point out two aspects of identity theft that are very much related. In January of this year the Kaiser Permanente Group headquarters in Oakland Ca. experienced a breach of employee personal information from its’ Human Resources offices. The person charged with the theft was a temporary worker in that office.

We see in these stories the relationship between the current economic climate, a crime of opportunity that will generate cash for the thief, temporary workers who have no real sense of responsibility the employer, and the irrefutable fact that while we can be diligent with our personal information, it is mostly in the hands of businesses and governments, and out of our control.

Business owners and Privacy specialists need to take stock of company risk by assessing their internal systems, and putting in place policy guidelines for employees to deal with sensitive information, and procedures for handling breaches when they occur.

All individuals need to be reminded that their ultimate information security policy should include tools to deal with these corporate breaches that result in identity theft. One cannot correct their own insurance or SSA files, their DMV records, and other databases once corrupted by identity theft fallout. We need that help of professionals in the business of restoring identities of fraud victims.

Medical ID Theft on the Rise
The recession has contributed to a rise in medical identity theft, and as health records move online, the problem is expected to worsen, reports the Wall Street Journal. "Medical identity theft is the fastest-growing form of identity theft," says Jim Quiggle of the Coalition Against Insurance Fraud. Most of the fraud occurs at the hands of healthcare workers who are paid to sell patients' information, the report states. Incidents of medical identity fraud are highest in states with large retiree populations. Experts advise consumers to monitor their medical and credit records, keep insurance cards private and avoid providing personal information over the phone.

Full Story

Temporary Workers Come with Risk
'Tis the season to keep an eye on temporary workers, according to the general manager of the Payment Card Industry Security Standards Council. "Vigilance is key," Bob Russo told Computerworld, adding that it's a good time of year for managers to "hover over" workers. Russo says that temps, especially, can pose a data security risk to businesses. He recommends that organizations conduct background checks and training, and says they should take care to get their access controls in place. Other tips include monitoring the use of handheld scanners, reviewing log data daily and implementing "hard" firewall policies
Full Story

No comments: