IDT Consultants, LLC
"Your Identity Theft Experts"
Is Your Company at Risk?
How vulnerable is your business to data breaches & identity theft and the ensuing liability?
The environment surrounding the protection of personal information and risks from data breaches has changed enormously in just the past year. Almost every week, we now see extensive publicity surrounding substantial security breaches – in all kinds of industries - from small and large companies.
Just this year, the law of data breaches and identity theft has changed dramatically – and we can expect these changes to continue and expand. Security risks will remain – because volumes of personal data that are collected, used and disclosed on a daily basis will remain substantial. Companies – large and small – need to be aware of the increasing legal obligations arising from security practices, data breaches and identity theft risks, and must be exploring all reasonable means. It can take years, even decades, to build consumer confidence and an instant to shatter it.
Effective January 1, 2008 a new rule mandated by the FACT Act is requiring identity theft prevention programs which will set forth certain "red flags" that may be indicative of identity theft. Complaince will be mandatory beginning November 1, 2008, but don't let that make you complacent. Each day that your company does not have an effective Identity Theft Prevention Program increases the odds that you'll be damaged by the theft and misuse of a customer's or employee's identity.
So why should all businesses, schools, financial institutions, hosptials, insurance agents, realtors, auto dealerships, etc... be concerned about identity theft and data breaches? Because of the exposure to liability - both civil and criminal - due to the leak of personal sensitive information.
Most companies keep sensitive personal information in their files - names, addresses, phone numbers, Social Security numbers, credit card, medical, payroll, driver's license or other account data - that identifies customers, clients, contractors and/or employees.
This information often is necessary to fill orders, meet payroll, or perform other necessary business functions. However, if sensitive data falls into the wrong hands, it can lead to fraud, identity theft or similar harm and, quite simply, ruin alot of lives. Given the cost of a security breach - 20 percent of your affected customer base will no longer do business with you; 40 percent will consider ending the relationship, and 5 percent will be hiring lawyers - safeguarding personal information is just plain good business.
New Federal Laws on identity theft & data breaches and how employers handle non-public information has put your business in jeopardy. Every business - large or small - must deal with and be prepared for the bullseye on their business, the class action lawsuits, litigation, fines from the Federal Trade Commission and more.
If You Think You're Not At Risk, Think Again!
A substantial percentage of recent security breaches have not been the result of hackers, but of employee (or former employee) theft, lost or stolen hardware, carelessness and even simple - but costly - mistakes. In addition to internal disclosure, other external methods of obtaining sensitive information are "dumpster diving" for personal information that has not be shredded or destroyed properly, impersonating as an employee and sitting at a workstation collecting information, stealing mail from mailboxes, and calling banks and obtaining financial information.
Even if a company has no knowledge thats its personal information has been compromised, it still may be found liable to a civil or criminal case. Even if a victimized company is not penalized financially, such an occurrence can affect a company directly. For instance, a victimized company usually spends a lot of time and money resolving the case, working with law enforcement agencies and repairing relationships with customers, clients, contractors, and employees.
Despite the extensive resources a company may invest in cleaning up the mess left from a data breach, perhaps the greatest risk is the extensive damage to the company's image. A company's name and brand can take years to build and only minutes to destroy. Customers and suppliers may think twice before doing business with a company that has been the victim of a data breach and identity theft.
To Find Out How IDT Consultants Will Assist Your Company with a Proactive Strategy, Please Call Us at 918-398-8259
Below is a brief overview of the relevant laws and how they potentially affect business owners and executives.
Fair & Accurate Credit Transactions Act (FACTA)*: Applies to every business that collects or maintains consumer information for a business purpose. Employee or customer information lost under the wrong set of circumstances could result in Federal and State fines of $2500 per occurence Civil Liability of $1000 per occurence Class Action lawsuits with no statutory limitations. Can be held responsible for actual losses of individuals ($92,893 average loss)
Gramm Leach Bliley Safeguard Rule (GLB)*: Applies to any organizations that collects or maintains personal financial information about its clients or customers. Information lost under the wrong circumstances could result in: Fines up to $1,000,000 per occurence Up to 10 years jail time for executives Removal of management Executives can be held liable both criminally and civilly.
A Multitude of State Laws: There are now 35 states that have their own laws regarding identity theft and information security.
Effective January 1, 2008 a new rule mandated by the FACT Act is requiring identity theft prevention programs which will set forth certain "red flags" that may be indicative of identity theft. Complaince will be mandatory beginning November 1, 2008, but don't let that make you complacent. Each day that your company does not have an effective Identity Theft Prevention Program increases the odds that you'll be damaged by the theft and misuse of a customer's or employee's identity.
So why should all businesses, schools, financial institutions, hosptials, insurance agents, realtors, auto dealerships, etc... be concerned about identity theft and data breaches? Because of the exposure to liability - both civil and criminal - due to the leak of personal sensitive information.
Most companies keep sensitive personal information in their files - names, addresses, phone numbers, Social Security numbers, credit card, medical, payroll, driver's license or other account data - that identifies customers, clients, contractors and/or employees.
This information often is necessary to fill orders, meet payroll, or perform other necessary business functions. However, if sensitive data falls into the wrong hands, it can lead to fraud, identity theft or similar harm and, quite simply, ruin alot of lives. Given the cost of a security breach - 20 percent of your affected customer base will no longer do business with you; 40 percent will consider ending the relationship, and 5 percent will be hiring lawyers - safeguarding personal information is just plain good business.
New Federal Laws on identity theft & data breaches and how employers handle non-public information has put your business in jeopardy. Every business - large or small - must deal with and be prepared for the bullseye on their business, the class action lawsuits, litigation, fines from the Federal Trade Commission and more.
If You Think You're Not At Risk, Think Again!
A substantial percentage of recent security breaches have not been the result of hackers, but of employee (or former employee) theft, lost or stolen hardware, carelessness and even simple - but costly - mistakes. In addition to internal disclosure, other external methods of obtaining sensitive information are "dumpster diving" for personal information that has not be shredded or destroyed properly, impersonating as an employee and sitting at a workstation collecting information, stealing mail from mailboxes, and calling banks and obtaining financial information.
Even if a company has no knowledge thats its personal information has been compromised, it still may be found liable to a civil or criminal case. Even if a victimized company is not penalized financially, such an occurrence can affect a company directly. For instance, a victimized company usually spends a lot of time and money resolving the case, working with law enforcement agencies and repairing relationships with customers, clients, contractors, and employees.
Despite the extensive resources a company may invest in cleaning up the mess left from a data breach, perhaps the greatest risk is the extensive damage to the company's image. A company's name and brand can take years to build and only minutes to destroy. Customers and suppliers may think twice before doing business with a company that has been the victim of a data breach and identity theft.
To Find Out How IDT Consultants Will Assist Your Company with a Proactive Strategy, Please Call Us at 918-398-8259
Below is a brief overview of the relevant laws and how they potentially affect business owners and executives.
Fair & Accurate Credit Transactions Act (FACTA)*: Applies to every business that collects or maintains consumer information for a business purpose. Employee or customer information lost under the wrong set of circumstances could result in Federal and State fines of $2500 per occurence Civil Liability of $1000 per occurence Class Action lawsuits with no statutory limitations. Can be held responsible for actual losses of individuals ($92,893 average loss)
Gramm Leach Bliley Safeguard Rule (GLB)*: Applies to any organizations that collects or maintains personal financial information about its clients or customers. Information lost under the wrong circumstances could result in: Fines up to $1,000,000 per occurence Up to 10 years jail time for executives Removal of management Executives can be held liable both criminally and civilly.
A Multitude of State Laws: There are now 35 states that have their own laws regarding identity theft and information security.
IDT Consultants * info@databreachexperts.com*
Phone: (918) 398-8259
