Compliance Counts: Make sure you know about Identity Theft Protection Laws

by Brenda Eaden 

Sign up for her seminar “How Identity Theft Laws Impact Your Business” to be held on Tuesday, May 17th

image credit: jscreationzs

It is no secret identity theft can have damaging affects on consumer lives and businesses alike.  Consumer outcry this past decade demanding businesses protect their personal information (PI) has been the driving force behind formation of state and federal protection legislation.

Identity theft and privacy legislation should be viewed as a wakeup call for all businesses.  When asked, at a Security Conference in San Francisco, how businesses are suppose to know of the existence of identity theft legislation Former Federal Trade Commission (FTC) Chairman Deborah Platt Majoras responded by saying “It is the responsibility of anyone in business to seek out information on applicable identity theft laws which require compliance.”

For the past decade, lawmakers have been crafting and amending identity theft legislation in direct response to the millions of victims filing complaints received at the FTC in addition to the growing list of businesses who have experienced networks hacks and data breaches.

Since 2008, attacks against small business have been on the rise.  Simply said, any business collecting personal information (i.e., name, address, phone, banking info, SSN, driver license, email addresses etc.), is a target. Those collecting PI are in scope of compliance and must look to laws as guidance in protecting all sensitive information collected in the course of conducting business.

Oregon ID Theft  Law

Oregon businesses should pay particular attention to the “Oregon Identity Theft Consumer Protection Act” as this requires certain business practices be in place which not only protects customers but full compliance also serves to protect businesses against fines, penalties, sanctions, civil lawsuits and mounting defensive legal bills.

Federal ID Theft Law

Another federal privacy law, “Red Flags Rule” went into effect November 1, 2008.  After several years of debate coupled with lawsuits filed by healthcare and legal organizations, the FTC enforcement of this law finally went into affect January 1, 2011.  Businesses in scope of compliance with Red Flags Rule are those who directly extend “credit” for purchases of goods and services to customers or businesses using 3^rd party financing in conjunction with sharing collected PI with the credit bureaus.

Payment Card Industry Requires Compliance

If a business accepts bank cards for transactions or payments, that business also needs to be in full compliance with the payment card industry data security requirements known as “Payment Card Industry Data Security Standards” or “PCI DSS”. Failure to adhere to payment card compliance standards can also result in fines and penalties in addition to those issued by state and federal agencies.

IT Support & Security Compliance Myth

Many small business owners are under assumption and misconception the person or contract business tasked with managing their IT services have compliance requirements well under control.  This cannot be further from reality.  Truth is, it is rare the responsibility of compliance is even a function of services provided by anyone conducting IT support ¾ meaning most likely a small business not addressing compliance internally as part of its best practices is out of full compliance with state and federal privacy laws as well as payment card industry requirements.

To learn more about identity theft legislation and the impact on your business, Mercy Corps Northwest invites you to register for “How Identity Theft Laws Impact Your Business” to be held on Tuesday, May 17th

About the Presenter 

Brenda Eaden, Security Compliance Tools

Brenda Eaden has enjoyed a rich 20+ year background within the technology industry.  Career emphasis has been in the area of sales management, marketing, development of education courses and computer security tools coupled with teaching and training.

Overseeing constant global research and working closely with state and federal policy makers have been key components in IDTELi’s ability to provide this country with its first formal cross-industry education courses on identity theft awareness and prevention.

As a subject matter expert on identity theft, Brenda is frequently sought out to speak on the topic of ID theft, laws and available Security Compliance Tools before television and organization audiences.

“Face the Fear and Move On” by Barbara Saunders

Barbara Saunders delivered an excellent seminar last Thursday on business models based on multiple revenue streams.  This article from her blog set the scene for the presentation. Barbara works with self-employed solo professionals (who she calls “Solo Pros”) to gain confidence, adopt smart business practices, and increase revenue. This is an excerpt of her article, full version here. Read her other posts on The International Association of Self-Employed Communications Professionals Blog here.

Be a Lion

The Cowardly Lion was the one that was always scared – “I do believe in spooks!” Yet he was the one that led the charge against the Wicked Witch and her monkey minions. Well, eventually…

Fear can be paralyzing. It robs us of our peace and potential. Being in business can be scary. Things can move fast – especially on the internet. You don’t have time for fear. I would love to empower you to turn your fear into excitement.

Tips To Help You Move On:

I’m not good enough.
One of the most common fears, especially for those that are recently laid off, is “I’m not good enough to have my own business”. Get over it already. You’re a professional with years of experience. Yes, there are some new technologies to learn to run your business. That’s good news. It makes business so easy now. Yes, there are some new marketing tactics to master. Think of it as on-the-job training. Jump in and start swimming.

There’s another angle to this. As creative professionals, we can tweak and edit until the cows come home. Guess what? No body cares if the comma is in the wrong place. Nobody cares if your image is a few pixels to the left. Just get on with it already. Get yourself out there. Listen to what your target market needs and create the solution for them. Keep it simple at first. The point is to move. The longer you wait and worry, the bigger your fears will become. Good is good enough, get on with it.

My own business might not provide me with a ‘guaranteed income’.
There are no guarantees in anything, move on. Remember that job you were laid off from? You worked hard and got laid off anyway. At least when it’s your own business you are the one that benefits from your own hard work. And when it’s not working, you can change it. You’re in control of where you’re going. That’s way better than any guarantees. Besides why should any guarantee put a limit on what you can earn?…

This is an excerpt of her article, full version here. 

About the Author

Barbara Saunders, IASECP

Barbara Saunders is a publication designer and has run a successful solo pro business for more than a decade. She is the Director of the International Association of Self-Employed Communication Professionals and the Solo Pro Academy (www.IASECP.com). It’s our mission to build community and help creative solo pros build and run successful businesses by providing support, innovation, tools, and strategies. Our goal is to liberate our members from the feast and famine cycle.