View
220
Download
1
Category
Tags:
Preview:
Citation preview
Helping you protect your
customers against fraud
Division of Finance and Corporate Securities
2
Identity theft is prolific in the U.S. and in Oregon. It can strike anyone, anywhere.
• Individuals• Businesses and Organizations• Government Agencies
It has become the number one crime in the U.S.
Oregon ranked #13 in identity theft crime.
3
The Cost of Identity Theft
• National business price tag: $48 billion • Consumer price tag: $5 billion• Other tolls: time, credibility, emotional
4
ID Theft Prevention — Prepare and Plan
The 2007 Oregon Identity Theft Protection Act• Social Security numbers
• Data breach notification
• Safe-keeping of sensitive information
• Security freeze option
5
Definitions
“Security Breach”• Inadvertant release or the theft of personal information in
computerized format
“Personal Identifying Information”• Someone’s name in combination with one or any of these:
Social Security number Driver license number or Oregon identification card number Passport number Financial account number, credit or debit number along with
required security code, access code or password
6
Protecting Social Security Numbers
Effective October 1
To prevent the theft of SSN: No posting or displaying (ex: Web site)
No printing on materials sent through the mail if not requested unless redacted
No printing a consumer's SSN on a card used by the consumer that is required to access products or services
*Exceptions:
Records required
by state or federal
law and others
7
When sensitive data is stolen
Effective October 1
If computerized personal identifying information you own or maintain is stolen you must send your customers notification.
• When
• What
• How
8
When
• As soon as possible
• Delay if action by law enforcement
9
What
• Describe what happened
• Explain type of information that was stolen
• Provide contact information
• Add information for national credit reporting agencies
• Give advice in reporting suspected identity theft to law enforcement and the Federal Trade Commission
10
How
• Notify credit reporting agencies
• Exception: Use statewide major television and newspaper and your Web site if:
• Cost of notification > more than $250,000
• Number of individuals > more than 350,000
• Gramm-Leach-Bliley Act
• Note – Follow Oregon law for your employees
11
How to Protect Customer Data Effective January 1, 2008
To safeguard information you own you must develop, implement and maintain reasonable safeguards including proper disposal.
12
Easy and Sensible Steps
Assess
• Take inventory
13
Easy and Sensible Steps
• Simplest protection
• Encrypt
Protect
14
Easy and Sensible Steps
Reduce
• What kind of personal information do you really need?
15
Easy and Sensible Steps
• What’s personal identifying information?
• Security program practices and procedures
• www.OnGuardOnline.gov
Train
16
Easy and Sensible Steps
• Test
• Investigate
• Have a security plan
Detect
17
Easy and Sensible Steps
• Use your retention schedule
• Make the information unreadable — hard copy or electronic
• New recycling law
Destroy
18
• Gramm-Leach-Bliley Act
• Health Insurance Portability and Accountability Act (HIPAA)
• Follow Oregon’s law for your employees
19
Requirements for Protecting Data
20
Prevention Tool for Consumers: Security Freeze
Effective October 1
• All Oregonians can place a freeze
• Contact Experian, TransUnion, Equifax
• $10 fee for each freeze
• Exception to fee — ID theft victims
• “Thawing” the freeze
• Careful consideration: do you need new credit?
21
Security Freeze Procedures
22
More Information:
www.dfcs.oregon.govClick on Identity Theft
(503) 378-4140(866) 814-9710
Federal TradeCommissionwww.ftc.govSearch for Identity Theft
Recommended