Momentum - Business to Business Online Magazine Momentum May 2017 | Page 35

Business By: Becky Sill, CIPA Independent LegalShield Associate www.beckysill.com Identity Protection Framework Part II IDENTITY LIFE CYCLE It is important to understand the life cycle of personal information to effectively identify and evaluate identity theft risk and put into place best practices for protecting your customers’ personal identifiable information. The cycle of this high level of personal information is known as the identity life cycle. 1.) Information is born - a new piece of information is created by either you, such as when applying for and obtaining a credit card or passport, or by someone else such as a hospital issuing a birth certificate. 2.) Information is maintained - after a piece of information is born or created, it is used, shared, and stored as it is maintained and managed through the identity life cycle. 3.) Information is destroyed – information may be destroyed by a consumer as in closing accounts or destroying credit cards, or by a company closing an account and deleting the information. Note: A person who has died is still at risk of having their key personal identifiers used if the death was not communicated timely to the appropriate administration or the administration fails to record the information timely, or at all. A continuous risk assessment must be performed throughout the identity life cycle to determine: C.) What are potential fraud implications? D.) What are the options for dealing with the risks? When collecting personal identifiable information for your company, it is critical to have an ongoing risk assessment evaluation process in place as well as systems to protect the information. This system should include employee education for handling the information and the risk involved. In regards to your own personal identifiable information, take steps to reduce your risk by limiting who you share your information with and evaluate the company who collects your information to make sure they have systems in place to protect it. With a world of technology there is no way to completely eliminate identity theft, however, with added precautions you can certainly mitigate your risk. A.) Which pieces of information obtained can lead to identity theft. B.) What are the threats facing the identity components? MOMENTUM / May 2017 35