Identity Theft is Epidemic...
What is Your Responsibility as an Employer?
“Last year . . . more than 100 million Americans had information that was compromised in data breaches in some of our largest companies,”
“Identify theft is now America’s fastest growing crime.”
“The idea that somebody halfway around the world could run up thousands of dollars in charges in your name just because they stole your number… —that’s infuriating,”
These are some of the statements President Obama offered when signing an executive order to improve security measures for government credit and debit cards.
Ok, so credit and debit cards get the secure treatment, but what about personal data?
We all know by now that ID theft is a big deal in the world. It is a relatively easy crime to commit. All you need is 3-4 pieces of private information and you are able to open accounts, apply for credit and more. In fact this is such old news, I have probably lost your attention already. To keep this subject fresh and very relevant, lets ask a question:
As an employer, what is my responsibility to keep my employees sensitive information private?
I remember back in the early days of the Internet when people would go to great lengths to keep their computer secure from being hacked, but they did nothing to secure employee and customer data on plain paper in file cabinets. Which easier for the common criminal – to hack a secure server or break into your file cabinet?
The Texas Workforce Commission tells about an employee who found a box full of employee personnel information “lying completely open and unattended in an ordinary company warehouse”. This employee used that information to cause a lot of trouble for a few people. Read more at the TWC Website.
That’s right, all those file boxes in the storage building out back or in your file cabinets offers some of the most significant levels of exposure to losing your employees private data.
Nowadays we can secure all that data in secure and duplicated (sometimes triplicated) servers in the “cloud”.
So if your file cabinet gets whisked away to OZ in a tornado or goes fishing in a flood, you have your data backed up. Most important to you and your employees – no one is going to find sensitive data “lying completely open and unattended”
Currently there isn’t a lot of legal requirement to keep your employees data secure and private, but that can all change overnight. Besides you want to take responsibility whether you are obligated legally or not – right?
The most important question you may ask yourself this week is “have I taken the (easy) steps to secure my employees sensitive information?”