Your personal information is ‘out there.’ It has been shared with enough organizations throughout your lifetime that you can’t always protect your identity yourself. Take a couple minutes and think about whom you have shared your personal information with…doctor’s offices, dentists, schools, employers, banks, insurance companies, tax preparers and the list goes on. What are those organizations doing to protect your information? As careful as you are at protecting your identity, you have no control over what these other organizations are doing to protect your personal information.

Take a look from the other side of the table now and consider what you and your company are doing to protect employee and client information. Your company’s industry may have strict guidelines and regulations that mandate safeguards be put in place. Your company may have processes and procedures to mitigate the risk of losing this information. These processes and procedures should cover data collection, access controls, and data retention.

• Does your company need all of the personal information it is collecting? If not, why accept the additional risk of having this information?
• Is access to personal information limited to those who need it to do their jobs? This includes access to electronic records, and paper records.
• Is your company retaining personal information for a period longer than necessary, or in an unsecure format? If your company is not required to retain personal information and doesn’t need this information, don’t store it. If it does need this information, be sure it is stored safely and securely. This may mean encrypting electronic data.
• If your organization has policies and procedures in place, be sure to adhere to them. These policies and procedures are only as good as the people in your company. If your organization doesn’t have policies and procedures in place, take the initiative and suggest policies be drawn up. The American Institute of Certified Public Accountants is a good resource to begin your research on proven ways to protect personal information.

There is a great article in the Journal of Accountancy which goes into more specifics in these areas.

I get emails from consumers all over the United States and even in other countries, pointing out the latest scams to separate you from your precious identity. You never know how clever an identity thief can be until one slips under your radar. Don’t let it happen to you! Take a look at these sneaky tales of identity theft and protect yourself from anything like them happening to you.

Cell Phone Trickery

A woman had her handbag – containing her cell phone, wallet, credit cards, etc., stolen from her grocery cart. She called her husband a short twenty minutes later to tell him what had happened and he said, “I received your text asking about our Pin number and I replied a little while ago.” Need less to say, she hadn’t sent him any text. The thief had seen the “Hubby” number on her phone, texted a request for the PIN, and voila! Hundreds of dollars were gone from her ATM account.

Lessons to learn

• Don’t identify people or numbers by personal nicknames like “Hubby,” “Sweetheart,” or even “Home.”
• When you are asked for information, don’t assume you know who is asking. Call and speak to the person to confirm, and if you don’t know who it is, DON’T reveal the information.

Credit Card Switcheroo

A man went to his local gym and placed his belongings in a locker as usual. When he returned after his workout he noticed the locker was open so he checked his belongings—wallet, cash, keys, phone, everything in place. Nothing appeared to be missing. And yet, when he returned from vacation and finally found time to review his bank statements, he was stunned to see that charges totaling a whopping $14,000 where made on his debit card. Apparently, the thief had stolen his card and replaced it with another credit card—an expired one—issued by the same bank. The man hadn’t noticed because didn’t use it regularly.

Worst of all, the credit card company refused to pay the charges because the card had not been reported stolen. Ouch!

Lessons to learn

• Check carefully when something suspicious happens. Your personal information is worth a few minutes of looking at everything in your wallet if you suspect that someone has been snooping.
• Have a special set of gym-only stuff that travels with you to that locker room so you aren’t leaving everything about yourself in one easily compromised place.
• If you don’t want your life tipped upside down due to a thief stealing your wallet (or identity) –then you need LifeLock. WalletLock, a service included in a LifeLock membership, takes the time, panic and hassle out of a lost or stolen wallet.

As you can see, the people who would steal your identity are getting craftier, so you have to become even more careful. Don’t let these scams happen to you! With knowledge there’s power and with power there’s peace of mind –and with peace of mind there’s LifeLock!

Students be aware, university data breaches have resulted in a new tact for identity thieves. Recently, I have received several emails to both my personal and school account reporting to be from my university. Similar to the fraud email from “your bank,” this email denotes a need for you to reaffirm who you are and ensure that the university has registered the correct student in order to remain on track for graduation. The good news is that the data breach must have only compromised my school information (school id number, email, GPA, etc.). The bad news, not every student is a former identity theft victim and will think twice before responding. Thus, it is ever more important for students to remain informed and remember that for every lock we put in place, another thief is looking to find a new way in.

Moreover, recently the FTC released its yearly report on the statistics concerning identity theft. Many things had increased. From the number of cases, to the cost; however, one statistic stood out so strongly above the rest for this victim. The number of cases that get reported to the FTC and not the local authorities was among the highest for the 2008 year. This means that victims of the crime are reporting the crime to their credit companies and the then to the FTC without reporting the crime to the police. Maybe if more people report the crime to the police, more effort will be put forth to go after and stop these criminals. From students to teachers to families, everyone needs to do everything they can to keep thieves away from our personal identifying information.

If more of us report the crime, we not only protect ourselves, but also increase the safety net for our communities. Simply because the crime has increased in number for the last five years doesn’t mean this year has to be the same. With the right tools and drive we can put a stop to identity theft. Either by doing it yourself or having a company lock up your identity, we all have the ability to stay safe and start putting the pressure on thieves. It all starts by empowering and protecting yourself, then your family, then your community. Working together we can all put an end to the phishing emails as well as affect the outcome of the FTC 2009 statistics on identity theft.