1. BUSINESSES MAY RECEIVE STIFF PENALTIES AND FINES FOR NON-COMPLIANCE!
These days, it is almost impossible to be in business and not collect or hold personally identifying
information — names and addresses, Social Security numbers, credit card numbers, or other account
numbers — about your customers, employees, business partners, students, or patients. If this information
falls into the wrong hands, it could put these individuals at risk for identity theft. Accordingly, for any
company that maintains information on employees or customers – information that could provide the
basis for identity theft – it is critical to understand the problem of identity theft and to begin to take steps
to reduce these risks now, as much as possible. There are federal and state laws requiring business owners
to secure all personal information (Social Security numbers, driver's license numbers, credit card
numbers, date of birth, etc.) of their clients and employees. Some 87 percent of businesses are not aware
that these laws effect them or that they even exist. Non-compliance could result in the closing of the
business, large fines and penalties, and criminal and civil litigation. No industry is immune, and
businesses large and small, for profit and non-profit are impacted. It is expected to be the next hot class
action target.
Fair and Accurate Credit Transactions Act (FACTA)
Applies To Every Business And Individual Who Maintains, Or Otherwise Possesses, Consumer
Information For A Business Purpose.
Employee or Customer information lost under the wrong set of circumstances may cost your company:
• Federal and State Fines of $2500 per occurrence
• Civil Liability of $1000 per occurrence
• Class action Lawsuits with no statutory limitation
• Responsible for actual losses of Individual ($92,893 Avg.)
FACTA-Identity Theft Red Flag Rules
Businesses should establish an identity theft prevention program
• Should develop and implement a written Identity Theft Prevention Program.
Training of staff to implement the identity theft prevention program
• A Culture of Security should be established at all businesses.
• Personally Identifiable Information (PII) such as Social Security numbers, drivers license numbers, etc.,
must be protected as if they were loose cash because the loss of PII can be more devastating then the loss
of cash, since cash can be replaced.
• All staff who could possibly have access to PII within or without the business should be trained so that
they understand why the information needs to be protected and that there are legal consequences for not
doing it. This is necessary to effectively implement an identity theft prevention program.
Service providers and sub contractors
• Liability follows the data.
• A covered entity cannot escape its obligation to comply by outsourcing an activity.
• Businesses must exercise appropriate and effective oversight of service provider arrangements.
• Service providers and contractors must comply by implementing reasonable policies and procedures
designed to detect, and mitigate the risk of identity theft
Fair Credit Reporting Act (FCRA)
If an Employer obtains, requests or utilizes consumer reports or investigative consumer reports for hiring
purposes/background screening, then the Employer is subject to FCRA requirements.
( OTHER SIDE )
2. Gramm, Leach, Bliley Safeguard Rules
Eight Federal Agencies and any State can enforce this law
Applies To Any Organization That Maintains Personal Financial Information Regarding Its Clients Or
Customers
Non Public Information (NPI) lost under the wrong set of circumstances may result in:
• Fines up to $1,000,000 per occurrence
• Up to 10 Years Jail Time for Executives
• Removal of management
• Executives within an organization can be held accountable for non-compliance both civilly and
criminally
How We Help! We specialize in Identity Theft. As Identity Theft Risk Management Specialist we:
• Set up reasonable steps to protect Non Public Information (NPI) and Personally Identifiable
Information (PII). We provide a written policy manual regarding NPI.
• Help create a ”Culture of Security“ by providing the required training.
• Set up a potential Affirmative Defense with an Identity Theft Prevention Program that is offered
to you and your employees.
• Help Protect employees and customers while potentially decreasing your company exposure.
We Train your employees about the written policy and provide documentation of training.
We start the compliance process for your company by providing templates for the written ID Theft
security plan and the appointment of the security officer.
To assist your company with compliance issues we will conduct a mandatory training required by law for
your employees. We will also explain the different types of ID Theft and show your employees how they
can protect themselves if they become a victim and why their and your customers’ personal information
needs to be protected.
We also help with your business’s “ bottom line”, caused by worker absenteeism. Individuals spend an
average of 600 hours trying to clean up the mess after be a victim of identity theft. At what times do you
think victims spend those 600 hours trying to fix their problem?
We do all of this at no direct cost to your company.
For more information and/or to set up an appointment call/e-mail:
Tjymas Blackmore
770-828-7759
tjymas@hotmail.com