Identity Theft: The Business Time Bomb, Preventing Corporate Identity Theft

  

Summary: This identity theft workshop is a six-hour intermediate level workshop. It is divided into two parts: consumer and business. Either part can also be offered separately and independently as a introductory, intermediate, or advanced level workshop in one to six hour sessions.

Part A focuses on consumer identity theft. Through an understanding of consumer identity theft, a business can better understand its legal and ethical risks and responsibilities. Part A covers what consumers need to know about identity theft, how to deter identity theft, how to detect identity theft, and what to do if a consumer becomes a victim of identity theft. Some of the common types of insurance and non-insurance identity theft services available to consumers are reviewed.

The education of employees on consumer identity theft can reduce employee exposure to identity theft. Employees who become identity theft victims have an adverse affect on the enterprise (business, local unit of government, not-for-profit) through lost work time, decreased productivity, stress related illness, and if the employer is at fault, through potential liability. Education of employees on business identity theft makes them aware of their role in protecting the privacy of consumer, employee, and business sensitive information. A broad educational awareness program can reduce employee and employer risks.

Part B, business identity theft, builds on the foundation laid in Part A. An enterprise is at risk to become a victim of identity theft, just as a consumer. The risks and liabilities to business are discussed. Laws specific to your enterprise, state, and industry sector are highlighted. The standards, based on statutory requirements and commonly accepted best practices, that all enterprises are expected to embrace to comply with laws and to minimize risks and liabilities, are reviewed.

Part A. Consumer Identity Theft(Arabic numerals below refer to presentation hours)

1. Overview

• Current Awareness: National, State, and Local
• Definition of Identity Theft
• 7 Major Types of Identity Theft – “It’s more than Financial Fraud.”
• 4 Hidden Consequences of Identity Theft
• Anyone can become a victim: Some Surpising Target Classes

2. Identity Theft Laws

• Federal and State Laws that Prosecute Criminals
• Federal and State Laws that Protect Consumer Privacy
• Deterring Identity Theft
• 10 Steps to Deter Identity Theft

3. Basic Personal Computer Security Principles

• Detecting Identity Theft
• Government and Not-for-Profit Resources
• Four Steps to take if You Become a Victim
• Consumer Identity Theft Insurance and Related Services.

Part B. Business Identity Theft

4. Overview

• Identity Theft, Privacy, and Information Security
• Information Security Breach Statistics
• Consumer Liability
• Business Risks and Liability

5. Laws and Regulation

• Applicable Federal Privacy and Information Security Laws
• Applicable State Laws
• Applicable Industry Self Regulation
• Example Breaches and Penalties
• Breach Impact Analysis

6. Managing the Risks

• Privacy Best Practices
• Assessing Risks
• Documentation
• Employee Education and Training
• Other Risk Reduction Strategies
• Continuous Improvement