|
Protect Yourself and Your Employees
from Identity Theft
By Rachel Kuntz, MMGT
September, 2003
Most employers work hard to protect their organizations from potential
hazards. Most employers try to
instill safe working habits in their employees, prepare for natural disasters,
or provide wellness programs. Unfortunately,
many employees are unaware of the potential for identity theft in the workplace.
The media often reminds us to take steps to protect identities when
processing credit applications, using the telephone, and using the Internet.
So, many people are aware that identity theft has become a growing
concern. For employers, identify
theft requires attention because the employer may be held negligent by a court
of law for thefts of identity in the workplace.
However, most employers have little idea of how to handle this growing
crisis in the workplace.
Until recently, theft of identity was not even considered a crime.
In 1998, the US passed the Federal Identity Theft and Assumption
Deterrence Act of 1998. This
legislation made it a felony to assume another person's identity.
Despite that change, the US Federal Trade Commission reports that
identity theft was the number one consumer fraud complaint in 2001.
Identity theft is not limited to the US alone. In the year 2001, identity theft was the third most-often
reported consumer business complaint according to the Canadian Council of Better
Business Bureaus.
How does identity theft
occur in the workplace? It can happen in a variety of
ways, including:
1. Small businesses many times
have employees make purchases using personal credit cards or personal checks
then reimburse the employee when he or she submits a receipt.
Often times, the receipts contain personal information that can be used
fraudulently by individuals with access to the receipts.
2. Most businesses keep some
form of personnel files, and the accounting department generally has access to
employee data for payroll purposes. Information
in these files contain a great deal of personal information such as home
addresses, telephone numbers, social security numbers, birth dates, and even
banking information (especially with the growth of direct deposit for
payroll).
The information usually kept in these files is exactly what is needed to
steal the identity of unsuspecting individuals. A recent publication stated that nearly 90 percent of the
identity theft that occurs in the workplace happens when information is accessed
though personnel files.
3. Many times, small to
mid-sized businesses don't keep personal data secure within a regular locked
filing system. Consequently,
unauthorized persons may access personal information, which could be
devastating.
4. Sometimes, identity theft
occurs from within third parties such as payroll services. Smaller businesses often choose to outsource their payroll
services. Therefore, it is
important that businesses choose payroll firms that are committed to protecting
the privacy of clients.
Setps to Take
How can employers protect the workplace and employees from the growing
concerns of identity theft? Employers can take a series of steps to try to
improve security measures, which may include some of the following:
1. Consider carefully screening
employees who will be able to access employee-sensitive materials.
Employers may consider doing background checks for those positions.
Remember to make sure these measures conform to the law in order to
prevent potential legal problems.
2. Limit access to employment
and personal information. Only
retain information that is necessary to employment.
Keep all personnel files, payroll information, etc.
in locked files. If personnel files are electronic, they should be
well-protected electronically.
3. Personal information
requested from third parties should be denied.
4. Limit or even eliminate the
use of social security numbers as a means of reference for employees.
Instead, use employee numbers on payroll checks and other employee
documents instead of social security numbers.
5. Shred all personnel and
informative business documents. When
businesses clean out old files and do not properly dispose of documents, it
makes it easy for someone to access information from the garbage can.
Train employees about identity theft. Teach
employees to properly handle and dispose of important information.
Training could include the following measures: securing files, securing
personal wallets/purses, use of lockers for personal items, and notifying
employees in case of a identify theft.
Rachel
Kuntz is a senior executive consultant with Brynmor Associates, LLC.
She offers human resource consulting services to organizations throughout
the United States, Canada, and the United Kingdom; you can contact her at rachel@brynmorassociates.com.
This article is intended for informational purposes only and is not
intended to give legal or other professional advice.
You should always consult competent legal consul regarding your unique
situation.
Identity Protection Checklist
1.
Does your company shred all materials that contains sensitive
information?
□
Yes □ No
□ Unsure
2. Does
your company carefully screen individuals who will be using sensitive
information?
□
Yes □ No
□ Unsure
3. Does
your company minimize temporary employees having and using sensitive
information?
□
Yes □ No
□ Unsure
4. Does
your company try to minimize the use of social security numbers to distinguish
employees?
□
Yes □ No
□ Unsure
5. Does
your company avoid using social security numbers and full addresses on payroll
documents?
□
Yes □ No
□ Unsure
6. Does
your company have policies regarding the limitation of information relayed to
third parties?
□
Yes □ No
□ Unsure
7. Does
your company secure employee information and other important documents?
□
Yes □ No
□ Unsure
8. Does
your company promote security awareness by providing guidelines for safeguarding
sensitive information?
□
Yes □ No
□ Unsure
Return
to List of Articles || Read more articles at MyArticleArchive.com
|
