|
|
Greetings ~
Fraud prevention is something that we at Hire Image LLC take seriously. As a member of the Association of Certified Fraud Examiners, our aim is to help reduce business fraud in our clients' companies and organizations. Unfortunately, identity theft, scams and white collar crimes abound and, the sad thing is, many of these could have been prevented with proper planning.
In this issue of The Monitor, we present two articles about preventing security breaches. Our guest article is written by Ronald Raether and Mark Mao about the human factor in cyber vulnerability. Raether, a partner in the Cybersecurity, Information Governance and Privacy, and Financial Services Litigation practices, and Mao, a partner specializing in data privacy, are attorneys at Troutman Sanders and are certified by the International Association of Privacy Professionals - the global standard for privacy and data protection law and practice.
We also present updates on Safe Harbor, FCRA compliance, EEOC cases in the news, and more. Be sure to mark your calendars for our November 17th webinar on background screening compliance.
As we begin the 4th quarter of 2015 and as our 10th anniversary year draws to a close, we thank you for celebrating with us and for contributing to our success. We certainly have much to be thankful for, and you - our valued clients, colleagues and friends - are a big part of that. Hire Image will continue to provide you with the highest quality, accredited services possible. Please feel free to contact us for all your background screening, drug testing and verification needs now and into the New Year.
 Christine M. Cunneen
Chief Executive Officer
Hire Image LLC
|
Five Steps to Protect Your Business from a Data Breach
Every organization - from a small nonprofit to a large corporation - keeps sensitive personal information in their files that identifies customers and employees. This "personal identifying information" can include names, Social Security numbers, credit card, license, and account data.
But if sensitive data - even as simple as someone's name - falls into the wrong hands, it can lead to fraud, embezzlement, identity theft, and other crimes that harm either the customer and employee or your business. Losing the trust of your customers  or defending yourself or your company against a lawsuit is at stake, and what business can afford that risk?
What is our federal government doing to protect consumers and business owners? The Federal Trade Commission (FTC) has served as the chief agency on privacy policy and enforcement since the 1970s when it began enforcing one of the first federal privacy laws: the Fair Credit Reporting Act. Since then, technology has raised new privacy challenges in protecting information but the FTC has maintained
|
Accounting For The Human Factor:
Planning, Response, And Litigation
by Ronald Raether, CIPP/US and Mark Mao, CIPT & CIPP/US, Troutman Sanders
Cyber breaches continue to demonstrate that people are the greatest vulnerability for even the most sophisticated organizations. Although it is easy to feel prepared by talking about firewalls, detection software, and encryption methods, employees continue to be the easiest means for hackers to gain access.
Accounting for the human factor requires that the organization take a holistic approach. Human nature should be factored into all aspects of data management, including product planning, incident response, and breach litigation.
Yes, Your Organization Can Survive Human Error
There is an increasing appreciation for how a data breach does not necessarily imply that an organization failed to adhere to the requisite standard of care. For example, in the regulatory context, the Federal Trade Commission (FTC) announced in August 2015 that it would not take any enforcement action against Morgan Stanley for an insider cyber breach. The incident involved Morgan Stanley allegedly configuring the access controls for one limited set of reports improperly, but correcting the problem as soon as it became aware of it. The FTC was satisfied with Morgan Stanley's efforts, noting: "[Morgan Stanley] had a policy limiting employee access to sensitive customer data without a legitimate business need, it monitored the size and frequency of data transfers by employees, it prohibited employee use of flash drives or other devices to download data, and it blocked access to certain highrisk apps and sites." In closing, the FTC hinted that it might not pursue further action if an organization suffers a "human error" but had reasonably appropriate policies in place.
Similarly, in Lozano v. Regents of the University of California, BC55419 (L.A. Super. Ct., filed April 9, 2013), the plaintiff sought $1.25 million in damages against the UCLA health system, arguing that her medical records were improperly accessed by the current romantic partner of her ex-boyfriend, who allegedly used the credentials of a doctor to access and then publish plaintiff's personal health information (PHI). Plaintiff argued that the health system failed to adhere to the requisite standard of care by not requiring a second form of security for access. UCLA disagreed, arguing that it used security protocols
|
Free Webinar:
Minimizing Risk and
Maintaining a
Compliant
Background Screening Program
|
| |
Christine Cunneen, CEO Hire Image LLC
|
|
|
| |
Montserrat Miller, co-chair of Arnall Golden Gregory's Background Screening Industry Group
|
|
Tuesday, November 17, 2015
3:00 - 4:00 pm EST
2:00 pm - 3:00 pm CST
1:00 pm - 2:00 pm MST
12:00 pm - 1:00 pm PST
Minimize the risk associated with background screening of applicants and current employees;
- Stay in compliance under the Fair Credit Reporting Act (FCRA);
- Be aware of new state laws that are increasing restrictions on employers;
- Know what you need to do in light of recent EEOC activities that could signal major changes to come in the background screening process.
|
About Hire Image
Hire Image LLC is a specialist in the field of background screening, drug testing and verification services. Our priority is to provide timely background screening reports, thus enabling clients to make well-informed hiring and/or retention decisions. We work with organizations nationwide, from small businesses and associations to large corporations, in all industries. Our clients are best served through our exceptional support system and customized reporting, which is tailored specifically to meet their needs. By considering ourselves a partner with each client, our success is based upon their success.
|
|
|
|
|
|
|
