Identity Theft and the Workplace
Identity theft as a crime may not appear to be closely associated with the concerns and responsibilities of human resources personnel. Important current issue? Yes. The daily concern of a company filing its customers’ personal information? Absolutely. A company obviously must take adequate steps to protect the confidential information of its customers. But exactly where and how does ID theft become a concern for HR personnel?
The answer becomes a little more obvious when you consider just how much personal information about your company’s employees a file cabinet full of HR paperwork contains. Just think of all the personal information that can be found in personnel files and other forms and documents you have to maintain for taxes and state and federal laws. Increasingly, employers are being held liable for any harm their employees suffer because of a workplace breach of their confidential information.
Congress and many state legislatures have passed legislation geared at protecting confidential information in the workplace, and additional legislative protections are being proposed all the time. Federal laws regarding protection of customers and employees confidential information include the Fair and Accurate Credit Transactions Act (FACT Act) and the Fair Credit Reporting Act (FCRA). In addition, it appears that the courts are primed for holding employers liable for losses of their employees’ confidential information, even in the absence of a specific law requiring them to protect it.
Finally, you should remember that protecting your employees from identity theft is in your company’s best interest for a number of other reasons, not the least of which is the bottom line. When an employee’s identity is stolen, her productivity at work will inevitably be affected as she is forced to use regular business hours to notify all the appropriate entities in an effort to correct the problem.
Obviously, you can’t completely insulate your employees from ID theft, but you can take reasonable steps to protect them from it in the workplace. Despite the large-scale computer breaches frequently in the news today, workplace identity theft isn’t much different now than it was 10 or 20 years ago. Even for all of the increased reliance on networked computing, however, the most common scenario appears to be the one in which a single employee gains access to the hard, paper version of personal information about the company’s other employees or customers.