How Safe Is Your Idenity

I was at a doctor’s office last week. The X-ray technician came out and asked for me by first name. I followed her through the door and she checked my last name. She told me that they are not allowed to say a person’s first and last name in front of other patients. Why did this happen? It is all part of the current effort to prevent identity theft.

A couple of years ago Massachusetts passed a very tough data security law. The law imposes strict security procedures on any business that collects personal information? The law has had several implementation dates that have been postponed. Currently the drop-dead date is March 1, 2010. The general consensus is that the date will not be postponed again.

What is interesting is that your first and last names as well as your address are not considered personal information. Thus, the law does not cover the basic demographic information kept in your contact manager. However, if you combine your client’s first name or initial and last name with a list of other information then you become subject to the law. The other information covered by the data security law are: Social Security Number, Drivers License Number, State Issued ID Card Number, Credit Card Number, Debit Card Number, or Financial Account Number. The last one is interesting because checks have first and last name and the financial account number. So every time you send a check to someone you are risking identity theft.

Whom does this law cover? Any business that collects personal information from its customers must comply. If you sell a product to a customer and they pay you any way other than cash, you have to follow the law. That pretty much covers all companies. How many businesses accept only cash? Practically none. So the only folks who are not covered by the law are drug dealers and other illegitimate businesses. (Wouldn’t it be interesting if such businesses could not be caught for their more dangerous activities but did get caught by the Data Security Breach Law)?

What does this law cover? Any physical or electronic files that contain the covered information are subject to the law. So if you have names in one file and credit card numbers in another file and no method for connecting the two files you would not come under the jurisdiction of the law. Not many businesses would do this—it would make your business difficult to manage.

The law requires four things:

1. Assess your files and systems to indentify Personal Information.
2. Adopt policies and procedures to protect the information.
3. Destroy the information on a regular basis as required by law.
4. Report any unauthorized use or acquisition of the information.

Your policies and procedures must be in writing.

My next blog will cover HOW you protect your data and any physical records you have.

New Homeowners Credit Revisited Again

The new homeowner’s credit mentioned a couple of times in my previous blogs expires in about two months. To take advantage of this credit you must actually close on your new house by November 30, 2009. You also must fit the IRS definition of being a new homeowner, which is you must not have owned a home in the three years prior to the closing on your new home.

With the slow pace of mortgage approvals you need to identify the house now and get the mortgage process moving to be able to close by November 30th. We refinanced our house starting in January of this year and did not close until the first week of April. A three month turnaround is not acceptable if you want to take advantage of the credit. $8,000 is a lot of money to lose out on.

See my blog of February 25, 2009 for more information on this credit.