Stolen Hard Drives Spark Identity Theft ConcernsTo read more on the FTC extension and Red Flags Rule from my October 25 post - click here.
David Goodhue - AHN ReporterTucson, AZ (AHN) -
Hard drives containing sensitive information regarding 40,000 children in Arizona were stolen from a Phoenix storage unit in mid-October, state officials said this week.The hard drives were stolen from a storage unit used by the Arizona Department of Economic Security and contain information about children whose families were interested in DES programs. (Full text at allheadlinenews.com)
Nation's first encryption law
Greg Masters
For the first time in the United States, a law specifies that encryption be used for the transmission of any electronic data. Nevada's NRS 597.970, which went into effect on Oct. 1, states: “A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of electronic transmission.”
While 39 states have already passed data protection laws, most requiring disclosure of breaches, and several other states with data laws introduced, Nevada's statute is thought to be the first law requiring encryption of transmitted data. (Full text at SCmagazine.com)
ID Theft Red Flags Rule: FTC Extension is no 'Break'
Enforcement Delayed for FTC-Governed Institutions; Liability is Not
November 12, 2008 - Linda McGlasson, Managing EditorState-chartered credit unions may think they've at least temporarily dodged the enforcement bullet re: the Identity Theft Red Flags Rule. But just because the Federal Trade Commission (FTC) pushed back the compliance enforcement deadline for these institutions doesn't mean that they can take a break, industry experts say.
In fact, compliance will be a huge challenge for non-banking entities and those state-chartered credit unions, says Debra Geister, Director of Fraud Prevention and Compliance Solutions at Lexis-Nexis, an information services provider. While the bigger, federally-regulated banking institutions have pre-existing programs in place to meet the ID Theft Red Flags Rule under the Fair and Accurate Credit Transactions Act (FACTA) requirements -- including a Customer Identification Program -- they are still struggling to meet compliance with the guidance, which had been estimated by federal regulators to take anywhere from 20 to 40 hours of work to be compliant.
.."Many businesses don't realize that point, that even though the FTC isn't enforcing compliance, it doesn't mean those businesses won't be liable if a data breach or loss of information occurs," Geister notes. The key issue is that the law was effective January 1, 2008. It was only the compliance portion that was not being enforced until November 1.
...However, it's much different for non-banking entities,..."If I were a business on the FTC side of enforcement, I would be nervous. At any time it could fall directly into your lap, and at $2500 per infraction.....
..The FTC will look to put some "heads on sticks" when enforcing this regulation, predicts Geister. "They anticipate non-compliance, and when a business is hit with a breach, they will march you out to the center of the square and shoot you publicly." (Full text at www.bankinfosecurity.com)
To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".
Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!
Shameless plug
the Best Identity Theft Protection available dot com
Posts
