It’s impossible to write about the Red Flag Rules without an apologetic “stop me if you’ve heard this one before” preface. So don’t shoot the messenger, but the deadline for the Feds’ identity-protecting Red Flag Rules has been delayed. The newest deadline—the fifth—replaces the January 1 deadline with one of June 1, 2010.

Congress created the program in 2003 in an attempt to stem the tide of identity theft by forcing creditors to use a common sense approach to identity theft prevention. It was original

Full Article…

Apparently, hackers stole even more of Express Scripts’ member information than was initially revealed last fall. An additional 1,771 New Hampshire residents are being sent data breach notification letters this week, according to a September 14 letter from Express Scripts.

Express Scripts, one of the world’s largest pharmacy benefits management companies, revealed in November 2008 that hackers demanded ransom in exchange for stolen customer information. Unless the ransom was paid, the hackers threatened to reveal the members’ information.

To strengthen their threat, the hackers sent personal information–including names, birth dates, Social Security numbers and some prescription details–of 75 of the firm’s 50 million customers.

Express Scripts publicly refused to pay the ransom, even after some of their customers received similar letters, extortion attempts and sample employee information. Toyota, gov

Full Article…

Contrary to popular belief, not all of Santa’s elves are jovial, industrious toymakers; there are also evil elves that take temporary holiday retail jobs to commit ID theft and credit fraud. And, they’ll steal your identity in less time than it takes Santa to slip down the chimney.

Big retail stores hire as many as 50 new employees during the holiday season, and many of them don’t get vetted as thoroughly as year-round workers. Adding to the ID theft risk is the fact that these additional employees aren’t management—they double the number of employees management typically oversees.

So, how can shoppers protect themselves from the evil ID theft elves?

• Shop with cash. ID theft

Full Article…

I am traveling to the InSight 2009 Annual Conference in Orlando this week to meet with scores of healthcare organizations struggling in the face of a growing epidemic of issues related to medical identity theft.  In preparation, I have given a great deal of thought to what hospitals can and must do to protect themselves and their patients.

First, let’s examine the challenges that hospitals and health providers are dealing with:

Medical Identity Theft Is Growing:

• Medical identity theft increased 300% between 2007 and 2008
• 85% of healthcare providers experienced a data breach in 2008

Patients Are Unhappy:

• 40% of consumers change their relationship with affected businesses

Regulation is Getting More Complex:

• In 45 states not reporting a data breach is illegal
• Enforcement of the FTC’s Red Flags Rule begins November 1, 2009
• New HHS guidelines require patient notification of data breaches

Costs Are Soaring:

• Data breaches cost an average of $202 per record lost
• The average hospital will spend 450 hours a year meeting Red Flag compliance requirements
• FTC Red Flag fines can be up to $2,500 per incident and up to $11,000 per day per organization

The Diagnosis:  Left untreated, healthcare organizations will remain in critical condition.  Hospitals must come to grips with identity theft, data breaches and compliance in order to lower their financial and legal exposure, maintain patient loyalty and protect their reputations with regulators, the media and the public.

The Treatment Plan:  Hospitals must be proactive.  Simple, cost-effective steps can be taken that will dramatically improve the chances of avoiding harm.

• Build a data breach-free environment.  This go

Full Article…

The Minnesota Department of Commerce said you can add ID theft, forgery and theft to the long list or reasons for hating bill collectors. And, if you wondered where all that money went when you closed on your house, it might be that your title company kept the premium.

The Department of Commerce investigated bill collector Lee Hanna and HS and Associates LLC, a collection agency, and alleges that Hanna committed ID theft by using customer information to open a credit card account, forged checks with the same customer’s name and transferred client money from the company’s trust accounts and operating accounts for personal expenses, including bar tabs and rent.

The credit card account opened by ID theft was charged $14,389.91; the two forged checks totaled $6,500 and the client money inappropriately used for personal expenses was in the amount of $19,000, according to the department.

In an unrelated investigation, First Financial Services Inc., another collection agency, was found to have duped a bank into issuing a $40,000 check to the collection agency from the accounts of two consumers First Financial had repeatedly contacted in reference to purported debts.

The company is accused of ID theft, forgery and providing false information to the Minnesota Department of Commerce.

Finally, Andrew Morris and Morris Abstract and Title Inc. are

Full Article…