Identity thieves can steal personal information from you at work, in public, online or even from your home (a place that so many of us think is a safe haven). The first step to protecting your information in all these places is knowing where the thieves will go to get their hands on it.
Let’s start off by looking at the workplace.
Personal information in any given workplace is vulnerable to the prying eyes and hands of permanent staff, temporary and contract workers or even the after-hours custodial staff that comes in and cleans the building every night.
If there’s an identity thief lurking in and around your workplace, chances are they’ll go for one of the following.
- Unattended Personal Belongings: This includes both unattended purses and wallets as well as easily accessible personal documents employees may either keep at work of bring with them to work.
- Employee personnel files: Any employee with access to the personnel files that are kept in HR has easy access to employees’ Social Security Numbers and DOB’s as well as a host of other data ID thieves may use to commit fraud.
Data in personnel files is especially vulnerable to threats from within an organization. A disgruntled employee or even a temp worker could steal employee personal information, sell it to an identity thief or use it themselves to commit fraud.
Effective monitoring is the key:
The information above goes to show that employers should carefully monitor access to all employee personal information. Certain vital details such as who has access to this information, how long they have access to it and what precise business or compliance need their access to this information will fulfill should be spelled out clearly in your Written Information Security Plan required by Massachusetts law 201 CMR 17.00 (which is enforceable the first of next month).
On top of this, employers should communicate to employees the importance of consistently monitoring all accounts they have in their name, checking for any unauthorized activity or the presence of any new accounts that they didn’t open themselves.
Individuals who steal your identity or credit card numbers depend on you not to look too closely at your bills and ensure that every charge on them was actually yours. “Small” charges of under $100 are often less scrutinized than larger amounts and thieves know this. That’s why you should never just “excuse away” unfamiliar and unauthorized charges, just because they appear small.
Deadline for Massachusetts Identity theft law 201 CMR 17.00 is just a week away:
One week from today, all businesses that “own, license, store or maintain” personal information on any Massachusetts residents must be fully compliant with the Commonwealth’s identity theft law 201 CMR 17.00. Is your company compliance-ready, and can you prove it to the auditor who may come knocking at your door?
To help Massachusetts businesses get compliance-ready, Universal Benefit Plans has partnered with local employment law firm Foley and Foley to offer a complimentary 30 minute compliance review for qualifying companies. Call us at 617-859-1777 to learn more and see if your company qualifies.