Training is critically important to organizational success and development. However, training done improperly can be detrimental to the company. When it comes to end user training, consider hiring an IT security company to ensure the training is done by a knowledgeable professional who has your company’s best interests in mind. We all have to do training eventually, so you might as well do it right the first time. (more…)
Here we go! It’s 2016 and your company needs a serious update to its information technology (IT). Computer software has evolved tremendously. These programs can help our businesses accomplish almost anything. If this is the case, then why are so many companies having problems with using software successfully? This is a cyber security nightmare. Here are the top mistakes companies make training end users on IT: (more…)
Data breaches happen every day all around the world. Experienced hackers continue to find the most vulnerable people and businesses to expose. Data breaches occur when there is a lack of strong and effective protection and potential for high reward. We have outlined the hacker’s recipe for an ideal data breach. (more…)
According to the Federal Bureau of Investigation’s (FBI) Financial Crimes Report, the crime of criminal identity fraud is the involvement of the “…misuse of another individual’s personal identifying information for fraudulent purposes”.
The severity of criminal identity fraud ranges. The Rhode Island Identity Theft Protection Act is focused on serious acts of identity theft. Such acts include obtaining another individual’s personal information with the intent to compromise his or her assets. All are illegal, whether it is locally, stately, or federally.
A 2006 survey conducted by the Federal Trade Commission (FTC) stated that 255,565 Americans were victims of some type of identity fraud or theft in 2005. This figure accounts for 37% of all criminal fraud crimes reported – a staggering number of victims for the year 2005. Here we are 10+ years later, and the situation has not improved.
The Rhode Island Identity Theft Protection Act
The State of Rhode Island and the Providence Plantations recently amended the Rhode Island Identity Theft Protection Act. The changes became effective on June 26, 2016. Data security measures and breach notification laws have now changed. View the document here.
Here are a few of the highlights:
- Rhode Island Attorney General and major credit reporting agencies must be notified of any breaches affecting 500+ residents
- Businesses must destroy secure information of clients. Secure information can only be kept for the duration of the services provided.
- Protecting personal information of Rhode Island residents is a requirement that requires maintained policies and procedures.
- “Personal information” now includes all of the following: social security number; driver’s license number or state/tribal identification number; bank account numbers; credit or debit card numbers; medical or health insurance information; email addresses provided with passwords that allow access to personal information
- Data must now be encrypted in, “a form in which there is a low probability of assigning meaning without use of a confidential process or key.”
Title 18: Part I – Chapter 47, Section 1028b of the United States Sentencing Commission’s Identity Theft Report, states that the sentencing guidelines for one count of the crime of identity fraud are a fine which depends on the severity of the crime and/or imprisonment for a maximum of one, three, or five years depending on the particular circumstances of the offense.
The punishments were made more severe in 1998 with the implementation of the Identity Theft and Assumption Deterrence Act. This legislation made the crime of identity theft punishable by a maximum $250,000 fine and/or a maximum of 15 years in federal prison, per count.
The expansion of the Rhode Island Identity Theft Protection Act is important for all Rhode Island businesses. Are you compliant with the new regulations? If not, then your business could face some serious penalties. Consult a reputable and local IT security company to go over your policies and practices. A simple audit could help save your business thousands of dollars of penalties.