Full Newsletter   Newsletter Archives

  Stambaugh Ness    SN Business Solutions               



Printable version 

Identity theft can happen in many ways, but have you given any thought to how your employees' personal financial information could be compromised in the workplace? Responsible employers should take steps to store and handle this valuable information with care to protect the identity of their employees and help prevent both employees' financial ruin and that of the company.

 







Payroll records, for example, include basic identity information such as social security numbers but also can include health insurance, bank account information and more. Additionally, customers and vendors entrust your company with their sensitive financial information.

According to the American Payroll Association, "Data breaches happen in the United States nearly every day. A thief using another person's identity can steal money, ruin credit histories that have taken years to build, and generally cause havoc for the victim. Businesses can also be victims, since a data breach ... can tarnish a business' reputation and incur costs in complying with state laws on data breach notification."

The Association recommends taking the following steps to help prevent fraud within your company:

  • Assess what information you're storing, and where, and who has access to it. This would include computers, network drives, file cabinets, emails, diskettes, tapes, thumb drives, and even home computers of those employees who telecommute.

  • Make sure you dispose of information so that it cannot be reconstructed or read.

  • Don't store sensitive information that you don't need such as stock application forms that might bear social security numbers.

  • Take definite steps to ensure file cabinets and drawers are locked if necessary, implement a clean desk policy, track package shipments and monitor offsite storage.

  • Keeping sensitive information on laptop hard drives is also very risky, so laptops should have access to the company's central computers for storage.

  • Educate your employees to be aware of "phishing schemes" in which unsolicited emails ask for sensitive data.

If a breach occurs, a company should notify law enforcement, consumers, customers, credit bureaus and other companies that may be affected. Although federal law has been slow to develop in this area, 45 states now have laws to address companies' responsibilities if a breach should occur.

One thing is certain in this uncertain business environment: doing nothing is not an option.

If you need help in assessing and setting up fraud prevention controls in your company, please contact Tamy F. Laughman at 717-757-6999 or 800-745-8233, or send her an email by using the form below. Tamy is a Certified Fraud Examiner. She currently serves as Vice-President of the Central Penn Chapter of the ACFE (Association of Certified Fraud Examiners).

Register now for one of our FREE Annual Payroll Seminars, now scheduled in three locations. Find out more by visiting our website.
 Save article  Email Firm  Email to a Friend
Is this item worthy of implementation? Yes No Maybe
Is this item worth sharing with other associates? Yes No Maybe
Did this item present value to you and your business? Yes No Maybe
Comments:

Our firm provides the information in this e-newsletter for general guidance only, and does not constitute the provision of legal advice, tax advice, accounting services, investment advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal, or other competent advisers. Before making any decision or taking any action, you should consult a professional adviser who has been provided with all pertinent facts relevant to your particular situation. Tax articles in this e-newsletter are not intended to be used, and cannot be used by any taxpayer, for the purpose of avoiding accuracy-related penalties that may be imposed on the taxpayer. The information is provided "as is," with no assurance or guarantee of completeness, accuracy, or timeliness of the information, and without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability, and fitness for a particular purpose.

IRS Circular 230 Notice: To ensure compliance with requirements imposed by the IRS, we inform you that any US tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties under the Internal Revenue Code.