$1,000,000 in fines or 10 years in prison!You may already be aware, that since our government has been unable to stop ID Theft, laws have been passed that shifts the responsibility, cost and legal liability for ID Theft on to businesses, such as yours. The problem of ID Theft continues to grow in severity, both in terms of frequency and associated costs and the workplace ranks as the number one source of ID Theft. Identity theft happens once every four seconds in the United States. Since 2005, over 250 million records have been lost or stolen from companies. The Federal Trade Commission (FTC) estimated that identity theft crimes tallied $52.6 billion in 2004, or almost $200 for every man, woman, and child in the U.S. ID Theft has been the fastest growing crime in the U.S. for the past three years, according to the FTC, which predicts that in five years, the majority of Americans will have been victimized by identity theft. It's ranked the Number One concern of law enforcement for the next decade, largely because it can't be stopped. On June 1, 2005, a new provision of the Fair and Accurate Credit Transactions Act (FACTA) took effect. It states that a business whose action, or inaction, results in the loss of employee or customer information can be fined by federal and state government, and sued in civil court.On January 1, 2008, the Red Flags Rule became law with a mandatory compliance date of Nov 1, 2008.The compliance date was pushed back until August 1, 2009 because the majority of businesses did not realize that they were required to comply because they felt they were not considered a "Creditor." The FTC released an enforcement policy which defines a creditor as "any person that provides a product or service for which the customer pays after delivery." This almost defines every business. FACTA, The Fair Credit Reporting Act, and The Gramm, Leach, Bliley Act (Safeguard Rules), generally require business entities, non-profit organizations, and governmental bodies to: 1) Appoint, in writing, an Information Security Officer who will oversee the Identity Theft Program, 2) Develop a written plan and policy to protect Non-Public Information (NPI) and Personal Identifiable, Information (PII) for employees and customers, 3) Hold mandatory Identity Theft training for all employees and management, 4) Oversee Service Provider (Vendors) arrangements, 5) Have a mitigation plan in place in case of an Identity Theft or Security Data Breach. An article published January 19, 2006 in Business Legal Reports, "Identity Theft: Limiting Your Employees' Risk – And Your Liability" recommended the following: One solution that provides an affirmative defense against potential fines, fees, And lawsuits is to offer Some sort of identity theft protection as an employee benefit. An employer can choose whether or not to pay for this benefit. The key is to make the protection available, and have a mandatory employee meeting on identity theft and the protection you are making available, similar to what most employers do for health insurance. Employees can either elect to accept or decline identity the ft coverage. Moreover, in the American Bar Association Journal, March 2006 – "Stolen Lives" Betsy Broder of the FTC said "We will act against businesses that fail to protect their data." She understands that most small businesses cannot be expected to hire a fulltime privacy specialist but adds that all businessesmustbe able to show that they have a security plan in place. "We're not looking for a perfect system…But we need to see that you've taken reasonable steps to protect your customers' information." We educate consumers and businesses about identity theft, their risks and how to minimize the impact when it does happen. If you want to learn how to protect yourself, your business, or just have questions, please visit us at http://www.AlliedFraudSolutions.com "Educating North America is our business" ...read more