Identity theft – what are you doing about it?
National Fraud Prevention Week has raised the issue of ID theft. Jonanthan Westlake offers some useful advice.
The 12th – 18th October, 2009 saw the fifth annual National ID Fraud Prevention week and comprehensive advice can be found on www.stop-idfraud.co.uk for both individuals and more importantly in my view for businesses. The key ingredient of ID fraud of course is personal data.
I am always wary of reading too much into statistics but recent evidence quoted on the site makes for disappointing reading. It is obvious that UK businesses are still not doing enough to create and encourage a climate to combat the threats of id fraud.
It is interesting to briefly reflect on why this is the case. Perhaps firms and employees have become bored with the constant publicity about the subject, perhaps we are resigned to a world where fraud is inevitable?
While this could provoke an interesting debate I am more interested in recommending a number of practical measures a firm can employ to combat ID fraud and techniques to encourage all employees to be a part of the solution. I am also conscious of maximising the most benefit for little or zero cost!
The initial recommendation would be for you to review your business context. Where does personal data originate from and where does it reside? This typically will be a combination of electronic data and paper document data. Keep it simple and you should be able to produce a sketch which indicates areas of concern, for example, document storage; document disposal; transfer of data requests; equipment disposal.
Having identified areas of concern the next recommendation is to focus on each of these in turn. If an existing process/procedure already exists for data handling then review it – is it secure? If no process/procedure exists then consider developing one asap. Delegate this task to individuals or department concerned. The process review needs to be quick and include any recommendations for equipment and training.
The final recommendation is to use the material freely available on the stop-idfraud website. For example, print off the posters and place on notice boards at your firm; include a quick review of the data handling subject/process in normal day to day meetings. Both of these measures will raise the awareness of employees and encourage best practice both at work and at home as part of normal everyday business.
