Workplace of Choice

At first glance you might think Identity Theft falls outside the scope of HR.  However, in looking closer at two identity theft laws that will soon impact Massachusetts businesses, you might change your mind...

As of August 1, 2009, the Federal Trade Commission (FTC) will begin enforcing its "Red Flag Rules". These "Red Flag Rules" are intended to protect the consumer against two things:

1. The unauthorized use of his/her identity to open or attempt to open an account in the consumer's name and;
2. The misuse of a consumer's existing account.

Companies must be alert to warning signs, or "Red Flags".  A "Red Flag" is any suspicious activity that could indicate identity theft in the making.  Affected organizations are required to develop and implement a written program to combat this problem.

The second phase of the MA Data Security Breach Law will take effect January 1, 2010.  This phase of the law requires that any organization that owns or licenses "Personal Information " must have two important policies in place:

1. They must have implemented a written program that describes how Personal Information is protected and;
2. They must adopt computer system security measures to reduce the risk of compromised Personal Information.

Are your HR policies set up to support these upcoming requirements?  As a result of these statutes, Human Resources will need to review their HR policies, Employee Handbook and policies surrounding Personal Information.