By David Worthington | Monday, May 4, 2009 at 6:53 pm
Measures that would protect consumers from identity theft have been delayed, because many businesses are not compliant yet with federal regulations. Fortunately, there are solutions to help them protect your privacy.
In 2007, the United States Federal Trade Commission issued its final rules on identity theft “red flags” and address discrepancies. Fast forward to today, and the implementation of those rules has been delayed for a second time until August 1st.
The rules are intended to protect consumers from identity threat by governing how businesses that deal with credit handle financial information. Industries affected by the rules include healthcare providers (doctors, hospitals), utilities (gas, electric, telephone, cable TV, etc.), auto (car, motorcycle, RV dealerships), real estate (brokers, lenders), banks and credit unions and more, according to Compliance Coach, a company that sells risk assessment software.
It was an e-mail pitch from Compliance Coach about the delay that inspired me to write this article. The delay has occurred due in part to the fact that many businesses are not yet compliant with the rules or are unaware that they applies to them, the company says. It’s onto something.
A few weeks ago, I had a conversation with Peter Coffee, director of platform research at Salesforce.com. Peter said that it would be okay for me to disclose that a significant portion of IT professionals (not all of who were Salesforce customers), surveyed in third party research that it uses internally, understand that they are not compliant with existing laws and legal rulings that affect IT operations.
He noted in a follow-up e-mail that the research he discussed is not a statement of the legal opinions of the company’s corporate counsel, nor is it a formal statement of the assurances provided by the team that is headed by its chief trust officer.
Salesforce needs to think hard about compliance, because its customers are forced to tackle issues around data when they use its services. The cloud computing model that Salesforce pioneered–where data is hosted by a third party on remote servers–forces companies to build applications that abide by regulations that govern data, such as who can access it, and where it can exist.
Today’s delay is yet another example of how traditional IT has trouble keeping pace with cloud services. It is simply too difficult for many businesses to build the systems that they need to be compliant.
Cloud services can help organizations with limited IT resources meet today’s standards for business processes and data, because cloud providers must meet those considerations as part of their business model. The easier that is for businesses to be compliant, the safer your personal information becomes. Now let’s just hope that the FTC’s new protections go into effect with no further delays.
[…] Identity Theft Protections Put Off Until Tomorrow – Again (technologizer.com) […]
May 5th, 2009 at 4:02 am
Consumers need to feel secure when dealing online. Since I shop online I use Billeo’s toolbar. It also manages your passwords. You dont have to forget or lose your login info again.
May 5th, 2009 at 4:02 am
I highly recommend this blog post by Steven Bearak of Identity Force calling for businesses to comply with the Red Flags Rule and to protect people from identity theft and data breaches (http://www.identitytheftdailynews.com)
Red Flags Rule: It is time to do the right thing.
On April 30, less than a day before the Federal Trade Commission (FTC) was to begin enforcing the Red Flags Rules, the agency extended the deadline for compliance for the second time, until August 1. The 11th hour reprieve by the FTC reflects the fact that far too many organizations have either failed in their efforts to develop identity theft prevention programs, or simply ignored the government’s mandate to do so.
The Red Flags Rule requires financial institutions and creditors to develop and implement programs to identify, detect, and respond to indications of identity theft. The rules apply to a wide set of businesses including retailers, hospitals, colleges, universities, and utilities.
Unfortunately, businesses have not stepped up to protect their customers, members or patients. Two weeks ago Identity Force released a report that warned of non-compliance in the hospital industry. The report, available at http://www.identityforce.com/redflagsrulesreport.pdf, revealed that over 80 percent of hospitals were not yet in compliance.
Identity theft and data breaches should be taken much more seriously by businesses and by the government. Data breaches are increasing exponentially, organized cybercrime networks are attacking computer systems daily, and every year millions of Americans become victims of identity theft. What more will it take before organizations do the right thing?
Forty-four states now have identity theft laws on the books, and the FTC eventually will enforce Red Flag Rules. However, regardless of the letter of the law, identity theft and data breaches are clearly inevitable in today’s society. Complying with new laws and regulations and protecting the public is not an option; it is a necessity for organizations that want to survive in our new economy. Businesses must take action or face significant financial risk and reputation damage.
Some organizations may feel that complying with the new rules and combating identity theft and data breaches is a complex and burdensome task. In reality it is not. Turn-key identity protection, compliance and data breach solutions are available for businesses that will immediately bring an organization in line with all state and federal laws. These solutions will also drive down risk, and have the potential to save businesses millions of dollars.
Executives and managers should not hem, haw, stall or delay any longer. When asked if they are prepared to do the right thing regarding identity theft protection, their answers should be one word – “Yes.”
May 24th, 2010 at 9:46 pm
Identity Theft is so rampant these days because it is quite easy to harvest information from someone else.’.’
September 9th, 2010 at 8:44 am
identity theft is very common on the internet so be careful about phising sites~'”
June 18th, 2011 at 2:18 am
i am always fond of reading topics and issues about this one