New York Law Aimed to Reduce Identity Theft in Workplace Takes Affect

Published on 14 May 2008 by Nick Fishman in Background Checks in States, Compliance, Identity Theft

1

This just in from our friends at Seyfarth Shaw: New York Employers Face Penalties if The Fail To Secure Employee Social Security Numbers. This law new law affects New York employers who collect Social Security Numbers on their job applicants and employees; in other words, every New York employer. Employers obviously need this information for a variety of reasons including its importance when conducting background checks. This article references a rather shocking stat: “In a 2006 survey conducted by the Identity Theft Resource Center (ITRC), a not-for-profit organization which provides information and support to identity theft victims, 12% of those surveyed reported that their personal information had been stolen at the workplace.”

We took this off the State of New York’s website:

Confidentiality of Social Security Numbers – General Business Law §399-DD
Places limits on the use and dissemination of Social Security Numbers (SSN) beginning January 1,
2008. The law prohibits the intentional communication of an individual’s SSN to the general public;
restricts businesses’ ability to print a SSN on mailings or on any card or tag required to access
products, services or benefits; prohibits businesses from requiring an individual to transmit his or her
unencrypted SSN over the Internet; and requires businesses possessing SSN to implement safeguards
and limit unnecessary employee access to the data.

According to Seyfarth Shaw, the New York Social Security New York Protection Law (NY Gen. Bus. § 399-dd) prohibits the following:

  • Intentionally communicating an employee’s social security number to “the general public or otherwise make [it] available to the general public”;
  • Printing an employee’s social security number on any card or tag required to access services or benefits provided by the employer;
  • Requiring an employee to transmit his or her social security number over the Internet unless “the connection is secure or the social security account number is encrypted”;
  • Requiring an employee to use his or her social security number to access an Internet web site unless “a password or unique personal identification number or other authentication device is also required to access the Internet website”;
  • Printing an employee’s social security number on any materials to be mailed unless state or federal law requires that this information be on the document.

Seyfarth offers the following compliance tips:

  • Have a written privacy policy (that includes disposal procedures that are consistent with accepted industry practice and satisfy legal requirements);
  • Lock up and limit access to employee personal information;
  • Conduct background checks on employees who will have access to personal information;
  • Limit retention of personal information to only that which is essential;
  • Train employees on privacy and document disposal policies;
  • Encourage employees to report any possible security breaches;
  • Avoid using or disclosing an employee’s social security number for any purpose other than that required by law or legitimate and necessary business purpose; and
  • Take proper security precautions when terminating employees who have access to personal information (e.g., changing computer access codes).

Read the full article here . . .

I definitely can’t and won’t argue that this is a bad law. In fact, it’s probably good for both employers to have some direction on how to comply and for consumers to have this protection. However, those performing background checks in New York have had a lot on their plate lately with the increase in the OCA fee.

Continue Reading

Identity Theft – By The Numbers.

Published on 03 December 2007 by Jason Morris in Articles, Identity Theft

0

I found this on-line this weekend. This article has nothing to do with background checks but has a lot of great information about identity theft.

Facts about identity theft:

– In 2005, about 1.6 million households experienced theft of existing accounts other than a credit card, such as a banking account, and 1.1 million households discovered misuse of personal information, such as a Social Security number.

Read more

Continue Reading

Identity Theft

Published on 27 November 2007 by Jason Morris in Compliance, Identity Theft, NAPBS

0

Just found a great informative article about identity theft. Linda Foley is quoted from the Identity Theft Resource Center. I have met Linda several times most recently at the National Association of Professional Background Screeners (NAPBS) Conference. While Linda is not an expert in Pre-employment Screening, she is in expert in identity theft and privacy. Kudos to Linda and all the great work she is doing.

Holiday Forecase: More e-scams

By Richard Burnett | Tribune Newspapers: The Orlando Sentinel November 26, 2007

ORLANDO – Just in time for “Cyber Monday” and the online holiday shopping rush: A new round of bogus e-mail, identity-theft experts say.

Have you won $2 million in a Christmas sweepstakes held by Coca-Cola in the United Kingdom? Can you make big bucks just by cashing checks for an Irish researcher, Chinese exporter or rich oil consultant in Dubai? Is there a problem with your account at Bank of America, JPMorgan Chase, eBay or PayPal?

No. But you might think so if you fall for some of the recent e-mail scams infesting the Internet.

More

Continue Reading

Final Rules Issued for Identity Theft Prevention

Published on 06 November 2007 by Nick Fishman in Compliance, Identity Theft, Legislative Updates, Newsworthy Items

1

The FTC and the federal financial institution regulatory agencies have submitted their final rules and guidelines on how creditors and financial institutions must handle identity theft “red flags” and address discrepancies.

Highlights of the rules include the following measures that must be taken:

1. Identify relevant patterns, practices, and specific forms of activity that are “red flags” signaling possible identity theft and incorporate those red flags into the Program;
2. Detect red flags that have been incorporated into the Program;
3. Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and
4. Ensure the Program is updated periodically to reflect changes in risks from identity theft.

These guidelines seem like things you would think most creditors and financial institutions would already be doing. Hopefully, these measures can help protect consumers.

Click here to view the entire FTC Release

Continue Reading

Identity theft gets the wrong person arrested.

Published on 24 October 2007 by Jason Morris in Background Checks in States, Identity Theft, Newsworthy Items

0

I found this story very interesting and a great tie-in for background checks.

CHARLOTTE, Tenn. – A Dickson County woman wanted by police turned out to be the real victim.

Police arrested Brandi King for allegedly failing to appear in Maury County court on a shoplifting charge.

More

Continue Reading

« First« 1 2 3 4
All information contained on this website is provided by employeescreenIQ solely for the convenience of the site viewers. employeescreenIQ is not providing legal advice or counsel and nothing provided on this website or otherwise by employeescreenIQ should be deemed as legal guidance or advice. Users are solely responsible for complying with all local, state, and federal laws relating to the use of any information provided on this website and any information products provided by employeescreenIQ. Users should consult with their own legal counsel if they have questions regarding their legal responsibilities or any information provided by employeescreenIQ.