Identity theft is considered the fastest growing crime in America. There are no easy answers about what we can do to curb the increasing prevalence of these crimes. Some experts recommend increased police involvement, longer jail sentences and changes to the way Social Security numbers are used.
However, there is one segment of the population that probably has the most power to reduce identity theft crimes. Small and mid-sized business owners may be the key to reducing identity theft crime rates. These businesses are important gatekeepers in the war against identity theft. Business owners and managers should consider the following in order to guard against identity theft:
Shred sensitive documents – Under Fair and Accurate Credit Transaction law, every employer must securely destroy “consumer report” documents (background checks, credit reports, medical histories and employment records) before throwing them away. This is true even for people who only employ one nanny or housekeeper. Applications and other sensitive forms aren’t included in this law but should always be shredded before being thrown away.
Secure your data – Certain types of data (such as medical information and credit report data) is protected by specific business privacy laws, but most information is not regulated directly. Companies should store all consumer information in computers that are encrypted, password locked and protected by virus software or firewalls. Offices containing sensitive information should be locked and monitored with video cameras when possible.
Store documents safely – Printed documents containing customer information should be kept in locked file cabinets. Access to sensitive identity records should be limited to employees with a specific business purpose. Employees with access to sensitive records should be instructed on the company’s privacy policies and expectations.
Verify customer information – Many identity theft crimes start with a thief using stolen information to make a purchase or open an account. Stop these crimes by confirming the identity of customers before you make a transaction. Check the customer’s identification for credit card purchases and know how to spot fake ID cards. Internet businesses should ask for credit card verification numbers (the small numbers usually printed on the back of credit cards) when processing online transactions.
Guard against phone fraud – Carefully verify the identity of companies with which you do business. Don’t give out sensitive information over the phone or fax without confirming the business purpose. Thieves may pose as tax official, health care businesses or law enforcement agents to obtain identity information over the phone.
Know your employees – A large percentage of identity theft crimes start with employees stealing data. It’s a smart idea for business owners and managers to complete background checks of employees who will have any sort of access to sensitive data. Background checks can be ordered easily online. Look for criminal records and information that doesn’t match up with their application.
Reevaluate your data policies – Think about the ways that your business uses sensitive information. Can your company use ID numbers instead of Social Security numbers to identify customers? How are you collecting this information? How is it being stored and discarded? See if there are ways you can reduce your use of sensitive data, and therefore also reduce your risk of identity theft.
Protect online customers – Internet businesses also need to ensure that their order forms and data collection systems online are secure. All web forms should be protected with 128 bit encryption. Obtain a VeriSign SSL Secured certificate for your company. Also, inform your customers about how to avoid phishing and how to transmit data securely. Take customer security concerns seriously and investigate suspicious events.
Develop a security policy – Create a security policy for your business that establishes methods for protecting sensitive information, discarding documents and dealing with theft situations. Set clear penalties for violating the security policy. Include a program for immediately disabling an employee’s access to sensitive data when they leave the company.
The editorial staff from TexasDirectLenders.com is working hard to help consumers and small business owners navigate their personal finances in 2015. We are searching for good articles on lending, consumer finances, debt and credit related topics. Are you a small business owner? Are you working for a company that needs to improve their security policies? Share your insight and suggestions in the comment section below.