Identity Theft In The Business World

What should you, as a business person, do if you believe your records have been accessed by unauthorized personnel or even unethical employees that might commit identity theft? The answers may not be the same in all cases, knowledge about the process and guidance from the Federal Trade Commission (FTC) can help you learn how to deal with the situation with as little pain as possible. Of course, you should check into any state or federal laws that may apply to your specific type of business to ensure that these are the only measures you need to take.

Whenever there is any loss of data security, your first step is to call the local police right away. Tell them who you are, what your business is and does and what data may have been stolen. Should your local police not be experienced with this type of problem or you have a great deal of very sensitive information stolen, you should also call the FBI or U.S. Secret Service. If the loss of information integrity involves mail theft, contact the U.S. Postal Inspection Service.

Determine if the information compromised will potentially impact businesses other than your own. Banks, credit card issuers and other business owners are the likely entities that might be harmed by a security breach where personal information is stolen. You should first call the businesses and follow up in writing to alert them to the potential threat.

In the event that names along with the connected social security numbers have been stolen by identity thieves, you should contact the three major credit reporting agencies for information and advice. If the number of records is large, you should advice the credit reporting agencies that you are recommending that people ask that Fraud Alerts be placed in their credit reporting files. This can help these agencies when they receive a huge number of requests.

The task of notifying individual people who may be endangered because of the information stolen from your business must also be accomplished. The sooner each person knows what has happened, the better they can protect themselves from potential damage. These people need to know what type of information someone may have about them and whether or not their social security numbers or credit card numbers may be involved.

The FTC recommends that you consult your law enforcement agencies about the timing of this notification process to ensure that their investigation is not hampered by your notification to individuals. The FTC also suggests that you designate one person as the contact person for releasing information and that the designee has all the latest information at hand and knows exactly what to release to what person or agency.