ME&MEE

Today Judith Graham’s blog “Triage” at the Chicago Tribune has two postings with tips on how to protect against and respond to medical identity theft.  Sources include the Identity Theft Resource Center and the World Privacy Forum.  Medical identity theft is an expanding frontier in the crime of identity fraud, and with the decentralization of medical information it can be difficult to discover and resolve.

Medical identity theft can be two different types of crime - strictly financial - where a thief tries to use your insurance to make false claims for procedures that you or anyone else never received.  The trickier, and more potentially dangerous scenario involves someone using your identity to obtain medical treatment.  Not only do you or your insurance company bear the financial burden for the care, but the tests and treatments done on this “phony you” become a part of your medical history, affecting your future care and ability to get insurance.  Depending on the care provider, it can be a chore to get this incorrect information removed from your medical records.

Take a look at the tips and know your rights and action items to help you or someone you know facing this problem.

The Department of Homeland Security has openly acknowledged that federal agents can now legally seize any traveler’s laptop or “any device capable of storing information in digital or analog form” without proof of illegal behavior.

In particular, the business community is expressing their fear over the fact that the government is allowing any content from these devices to be shared between “…other agencies & private groups for any reason.”

The dilemma for Congress currently is that they must review both sides of this policy. The first comes from the public, particularly “business travelers”, who say that this is privacy breach and a disruption to businesses. The second side is that this policy has taken effect in order to protect the country again terrorist attacks, which is an obvious threat that affects everyone.

Corporate risk managers have worried about potential breach of information from laptop seizures or information scans by US and foreign governments as their travelers cross borders.
 

With the growing number of products on the marketplace to “monitor” your identity, the Privacy Rights Clearinghouse has put together some good Q&As to help consumers decide the best strategy to choose for themselves.

Some points that bear repeating

• Credit monitoring can alert you to new accounts being opened in your name, but not for new charges placed on an existing account.
• If you’re very concerned about new accounts being opened in your name and do not plan to open any new lines of credit in the near future, then a security freeze is a much more secure way to prevent new fraudulent accounts from being opened in your name.
• A fraud alert does not freeze your credit but can be done for free by the consumer to provide a bit of extra protection.
• Look at service offerings to see if assistance services are included in the product.  Remember, monitoring services tell you what is happening, but if assistance services are not included, YOU will have to do the job of repairing your identity yourself.  It’s can be a complicated and frustrating job (believe us, we’ve got some experience in that!)

The FTC is executing a study to examine the experience of identity victims when they call into one or more of the credit reporting agencies. The study will focus on consumers who contacted the FTC between January 1 and May 30, 2008.

The base for this study is under the Fair and Accurate Credit Transaction Act of 2003 (FACT Act), which the FTC is using to analyze the remedies that are available to identity theft victims. The overall outcome expected from this study is that the FTC can learn more about  how to better enforce this and other laws that effect these victims and also to better educate both consumers and the reporting industry about their rights and responsibilities.

The President’s Identity Theft Task Force was a strong backer of the survey idea and they are taking the initiative to carry out the entire study.

An Associated Press article out today makes a good point about the government’s mixed messages on social security number uses.  For all the good work the Federal Trade Commission has done on identity theft awareness and prevention, other government agencies aren’t helping us follow the FTC’s advice.   Among some of the contradictory advice, while the FTC tells us to guard our social security number carefully and not keep it in our wallet.  However, the article cites the fact that Medicare insurance cards (44 million of them) include the individual’s social security number.

Some legislators have caught on to the problem and are trying to push through changes.  In the meantime, be as careful as you can with your SSN and check your credit report throughout the year to make sure your identity really is yours.

The Identity Theft Resource Center has released new research citing a 69% increase in data breach disclosures in 2008.   The top reason for a data breach continues to be lost or stolen laptops, but “insider” theft increased percentage wise to nearly 16% of the breaches reported.  Forty-four states and DC now have data breach notification laws, so data breach plans must rising in importance to compliance officers and business managers.  Kudos to the ITRC for the detailed research.

A lot of attention has been given to the need to be cautious with the disposal of personal computers to avoid identity theft.  But what about personal information transmitted through your iPhone?  With a new version coming out soon, cautious users may want to think twice about who they sell it to, according to a post at Crunch Gear.

Was your CEO one of the 20,000 who received a scam email subpoena on Monday?  Brian Krebs at washingtonpost.com reports that about 2,000 victims were tricked into downloading an item that steals account usernames and passwords from banking sites.  A good rule of thumb – any purported serious legal or other business communication rife with English mistakes is probably not what it claims to be.

In other scam news, the Securities and Exchange Commission is going after a phony Latvian brokerage firm that was soliciting job applications on Craig’s List and asking for detailed personal information including social security numbers and date of birth. and then using this information to open brokerage accounts and used transactions within these accounts to make huge profits due to the change in trading volume and stock prices.  Rule of thumb #2, if a job ad sounds too good to be true, it probably is.