It’s impossible to write about the Red Flag Rules without an apologetic “stop me if you’ve heard this one before” preface. So don’t shoot the messenger, but the deadline for the Feds’ identity-protecting Red Flag Rules has been delayed. The newest deadline—the fifth—replaces the January 1 deadline with one of June 1, 2010.

Congress created the program in 2003 in an attempt to stem the tide of identity theft by forcing creditors to use a common sense approach to identity theft prevention. It was original

Full Article…

Apparently, hackers stole even more of Express Scripts’ member information than was initially revealed last fall. An additional 1,771 New Hampshire residents are being sent data breach notification letters this week, according to a September 14 letter from Express Scripts.

Express Scripts, one of the world’s largest pharmacy benefits management companies, revealed in November 2008 that hackers demanded ransom in exchange for stolen customer information. Unl

Full Article…

Contrary to popular belief, not all of Santa’s elves are jovial, industrious toymakers; there are also evil elves that take temporary holiday retail jobs to commit ID theft and credit fraud. And, they’ll steal your identity in less time than it takes Santa to slip down the chimney.

Big retail stores hire as many as 50 new employees during the holiday season, and many of them don’t get vetted as thoroughly as year-round workers. Addin

Full Article…

I am traveling to the InSight 2009 Annual Conference in Orlando this week to meet with scores of healthcare organizations struggling in the face of a growing epidemic of issues related to medical identity theft.  In preparation, I have given a great deal of thought to what hospitals can and must do to protect themselves and their patients.

First, let’s examine the challenges that hospitals and health providers are dealing with:

Medical Identity Theft Is Growing:

• Medical identity theft increased 300% between 2007 and 2008
• 85% of healthcare providers experienced a data breach in 2008

Patients Are Unhappy:

• 40% of consumers change their relationship with affected businesses

Regulation is Getting More Complex:

• In 45 states not reporting a data breach is illegal
• Enforcement of the FTC’s Red Flags Rule begins November 1, 2009
• New HHS guidelines require patient notification of data breaches

Costs Are Soaring:

• Data breaches cost an average of $202 per record lost
• The average hospital will spend 450 hours a year meeting Red Flag compliance requirements
• FTC Red Flag fines can be up to $2,500 per incident and up to $11,000 per day per organization

The Diagnosis:  Left untreated, healthcare organizations will remain in critical condition.  Hospitals must come to grips with identity theft, data breaches and compliance in order to lower their financial and legal exposure, maintain patient loyalty and protect their reputations with regulators, the media and the public.

The Treatment Plan:  Hospitals must be proactive.  Simple, cost-effective steps can be taken that will dramatically improve the chances of avoiding harm.

• Build a data breach-free environment.  This go

Full Article…

The Minnesota Department of Commerce said you can add ID theft, forgery and theft to the long list or reasons for hating bill collectors.

Full Article…

Adeniyi Adeyemi, a computer technician at the Bank of New York Mellon, was indicted on 149 counts of grand larceny, ID theft, money laundering, scheme to defraud, computer tampering and unlawful possession of personal identification information.

The Manhattan district attorney’s office accused 27-year-old Adeyemi of committing ID theft against more than 150 of his coworkers at the bank and using their identities to steal more than $1.1 million from charities and non-profit organizations over a period of more than seven years.

The ID theft took place from November 2001 to April 2009. A

Full Article…