Sunday, July 24, 2011

Worried About Identity Theft? Some Thoughts.......

As I’m sure mostly everyone is aware, Sony’s Playstation 3 on-line network and Qriocity streaming video and music service were hacked and were offline from April 20, 2012 to May 14, with all services restored by May 31, 2011.  According to Sony, as many as 77 million subscribers may have subject to privacy invasion, involving sensitive information including credit card numbers, security information, and purchase history.

According to a story published in the International Business Times, Sony has issued apologies for the breach and vowed to pay damages to affected users.
The problem this brings to light is how do today’s businesses protect themselves from these types of data breaches going forward? 
In today’s information age, the likelihood of future identity breaches is a constant threat.  There are identity protection services popping up all over the internet.  If you were to “Bing” identity theft companies, you’d get over 2.4 million results.  Google provides even more stunning results, more than 14 million companies providing the service!
But should the Consumer have to pay for this protection themselves?  Many people do….but is it necessary?  A little known fact is that the government passed an act called the “Red Flag Rules” as part of the Fair and Accurate Credit Transactions Act in 2003.  In summary, this Act requires financial institutions and creditors to provide for the identification, detection, and response to patterns, practices, or specific activities, known as Red flags, which could indicate identity theft.  These programs are required to be in place by November 2009.

According to Chris Heidkamp, VP of Channel Sales at Securus Identity Solutions, “While the Red Flag Compliance regulations don’t legally require any specific type of program be put in place, many corporations have neglected to implement any identity theft program because they felt the cost was prohibitive.  That is simply not the case any longer.”
According to Heidkamp, “programs can start as low as 15¢ per subscriber per month. This protection can provide the consumer the peace of mind they’re looking for in the event of a data breach like those seen at Sony and Epsilon.  Many of us have received the letters regarding the Epsilon breach, coming from merchants like Verizon, Hilton Hotels, Air Miles, Best Buy, Citigroup, and Walgreens.  This heartache can be avoided with the addition of a corporate identity protection program.”
It would seem it would be worth a phone call to your utility company or other monthly creditor to determine whether they have an identity program you can participate in.  Ask for the company’s position and business plan for “Red Flag Compliance” and you may just avoid the cost of a personal identity protection program.
If you would like any additional information on Red Flag Compliance, please contact me directly at @Dave Hanron or Mr. Heidkamp @ChrisHeidkamp on Twitter or