Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Identity Theft Protection Act of 2005 Kim D’Arruda Roy Cooper Attorney General.

Similar presentations


Presentation on theme: "The Identity Theft Protection Act of 2005 Kim D’Arruda Roy Cooper Attorney General."— Presentation transcript:

1 The Identity Theft Protection Act of 2005 Kim D’Arruda Roy Cooper Attorney General

2 ID Theft Protection Act of 2005: Statutory Overview Social Security Number Protection Social Security Number Protection Security Freeze Security Freeze Document Destruction Document Destruction Security Breach Security Breach

3 Social Security Number Protection Statutes dictate collection of SSNs Statutes dictate collection of SSNs  By businesses  By government Practical considerations: Practical considerations:  Don’t carry your SS card with you  Don’t carry a Medicare card with you Request free credit report Request free credit report

4 Security Freeze What is it? What is it? How to place it? How to place it? How to remove it? How to remove it? What does it cost? What does it cost?

5 Hypothetical 1 your business is running out of room for old records (some of which contain personal info of employees/customers) your business is running out of room for old records (some of which contain personal info of employees/customers) you determine which records can be disposed of legally you determine which records can be disposed of legally

6 a)... there are recycling bins in the parking lot and the recycling is picked up every Friday evening there are recycling bins in the parking lot and the recycling is picked up every Friday evening you place your old files in the recycle bin one Friday at lunch time before heading to the beach/mountains for the weekend... you place your old files in the recycle bin one Friday at lunch time before heading to the beach/mountains for the weekend...

7 b)... you throw the old files into your trash can to be picked up by the cleaning crew that night... you throw the old files into your trash can to be picked up by the cleaning crew that night...

8 c)... you decide to take your old files to the landfill and dump them... you decide to take your old files to the landfill and dump them...

9 Hypothetical 2 an employee of your company took a laptop home and it was stolen out of his car an employee of your company took a laptop home and it was stolen out of his car personal info of more than 1000 customers was on laptop personal info of more than 1000 customers was on laptop laptop was password protected laptop was password protected 2 days later, the laptop was retrieved 2 days later, the laptop was retrieved it doesn’t appear that the information on the laptop was accessed... it doesn’t appear that the information on the laptop was accessed...

10 Reasonable Measures to Protect Information Reasonable Measures to Protect Information Responsibility of Document Disposal Company Responsibility of Document Disposal Company Exceptions Exceptions Destruction of Personal Information

11 Security Breach Number of breaches AG’s Office has been notified about since Dec. 30, 2005? Number of breaches AG’s Office has been notified about since Dec. 30, 2005? Number of NC residents impacted? Number of NC residents impacted? **as of 11/14/06 -- only includes breaches/numbers reported to AG’s Office; does not include figures from some breaches such as the VA Admin breach 340,972

12 Security Breach Stats **as of 11/14/06 -- only includes breaches/numbers reported to AG’s Office Type of BreachNumber% Stolen Laptops, Computers & Equip % Hackers/ Unauthorized Access % Release/Display of Info % Data Theft by Employee/Contractor58.06% Lost in Transit23.23% Phishing23.23% Total62

13 **as of 11/14/06 -- only includes breaches/numbers reported to AG’s Office

14 Security Breach Stats **as of 11/14/06 -- only includes breaches/numbers reported to AG’s Office Type of BreachNC Residents% Stolen Laptops, Computers & Equip97, % Hackers/ Unauthorized Access6, % Release/Display of Info201, % Data Theft by Employee/Contractor7, % Lost in Transit28, % Phishing160.00% Total340,972

15 Security Breach Stats **as of 11/14/06 -- only includes breaches/numbers reported to AG’s Office Type of EntityNumber% Financial Services/ Insurance % General Business % Healthcare58.06% Government34.84% Educational00.00% Total62

16 Security Breach General Provisions General Provisions What is a Security Breach? What is a Security Breach? Who must notify? Who must notify? Notification Requirements Notification Requirements Additional Notice Requirements Additional Notice Requirements

17 Security Breach = Unauthorized access and acquisition Unauthorized access and acquisition Unencrypted or unredacted records/data Unencrypted or unredacted records/data  Encrypted data only constitutes a breach if the confidential process or key is also acquired Access by an employee in good faith is not a breach as long as the info is used for a legitimate purpose and not further disclosed Access by an employee in good faith is not a breach as long as the info is used for a legitimate purpose and not further disclosed

18 Provided information for you to be able to keep your company or organization in compliance with the Act Provided information for you to be able to keep your company or organization in compliance with the Act Informed you of the Act so you can share the information with Informed you of the Act so you can share the information with your coworkers your coworkers your friends and family your friends and family and last but not least Provided you with a better understanding of how to protect your own identity Provided you with a better understanding of how to protect your own identity Things I Hope I Have Done

19 The Identity Theft Protection Act of Kim D’Arruda Assistant Attorney General


Download ppt "The Identity Theft Protection Act of 2005 Kim D’Arruda Roy Cooper Attorney General."

Similar presentations


Ads by Google