© 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Stuart K. Pratt.

Presentation transcript:


– Data Security
– Data Breach Notification
– Data Brokers
– Social Security Numbers

Data Security & Data Breach Notification
– These are two core issues which create legislative vehicles for a broader range of issues related to data use and privacy.
– Political complexity makes it difficult to move legislation at the federal level.
– Media coverage focused on possible risks to consumers due to breaches. Alleged identity theft risks are often cited.

Data Security & Data Breach Notification
– Some of the key questions:
    – What data is to be covered?
    – What standard of security is to be applied?
    – When should a consumer be notified?
    – What rights does a consumer then have?

Data Brokers
– Several legislative efforts focused on creating a new regulated entity.
– Who/what are data brokers?
    – Human resources departments?
    – Non-FCRA third-party databases?
    – ISPs/Telecommunications?
– FCRA-like requirements:
    – Verification of data.
    – Right to dispute and correction.

Data Brokers – Problems with current approaches:
– Possible tension with the operation of other federal laws. Examples:
    – Gramm-Leach-Bliley Act
    – Fair Credit Reporting Act
– Concerns about the operation of products used to fight identity theft.
– Impacts on direct-marketing databases.

Data Security, Breach Notices & Data Brokers – why haven’t these bills moved?
– Multiple congressional committees involved.
– No one winner has emerged.
– Jurisdictional issues not resolved.
– Bills become complex and laden with too many issues affecting a wide array of industries.

Data Security, Breach Notices & Data Brokers – why haven’t these bills moved?
– Conflicts with the operation of other federal laws not adequately addressed.
– States have moved where Congress has not.
    – 48 states plus the District of Columbia have a credit freeze law.
    – More than 30 states have enacted data breach notification laws.
– FTC investigations of unfairness and deception relative to data security and notification have impacted the marketplace.

Regulation of Social Security Numbers
– Paralleling the data security/breach/broker efforts in Congress.
– Some of the underlying issue drivers are the same.
– Some of the same problems with moving legislation.
– Not a new issue. Efforts have been ongoing in the states and in Congress since the 1990s.

Regulation of Social Security Numbers
– Often characterized as a key to a consumer’s identity.
– Concerns about it being used as a method of verifying a consumer’s identity.
– A symbol of a consumer’s risk of identity theft.

Regulation of Social Security Numbers
Goals vary in terms of proposals:
– Prohibit most uses.
– Establish a federal regulator (SSA or FTC) to oversee use of the number.
– Create a limited set of permissible uses.
– Create incentives to end use of the number over time.

Even in the absence of congressional action, what are the facts regarding identity theft risks?

[Chart slide; surviving labels: 19.8%, N/A]

[Chart slide; surviving labels: 16.2%, N/A]

[Chart slide; surviving labels: N/A, 11%]

[Chart slide; surviving label: Projected 26%]
NOTE: Through March 31, Of 8.3 million consumers affected in 1Q 2008, 4.2 million were from one breach – Hannaford supermarkets

A 2006 case study in credit fraud prevention – debunking the myth that fast decisions lead to large-scale true name fraud.
– Over 33 million in-store applications are processed by a single lender annually or over 90,000 applications per day.
– Approximately 60% of all applications are approved or 19.8 million annually.
– There is 1 fraudulent account per 1,613 approved applications.
– Total fraudulent applications is 0.06% of the 19.8 million approved applications.

[Chart slide; surviving labels: 45%, N/A]

What to expect going forward:
– Bills will be introduced again in the next Congress.
– Many of the same jurisdictional conflicts seen in the past will remain.
– Bills will be broad and will be complex with tensions between data security, data breach notification and privacy issues (e.g., data brokers, etc.).
