Momentum - Business to Business Online Magazine Momentum May 2017 | Page 35

Business
By: Becky Sill, CIPA
Independent LegalShield Associate
www.beckysill.com
Identity Protection Framework Part II
IDENTITY LIFE CYCLE
It is important to understand the life cycle of personal
information to effectively identify and evaluate identity
theft risk and put into place best practices for protecting
your customers’ personal identifiable information.
The cycle of this high level of personal information is
known as the identity life cycle.
1.) Information is born - a new piece of information is
created by either you, such as when applying for and
obtaining a credit card or passport, or by someone
else such as a hospital issuing a birth certificate.
2.) Information is maintained - after a piece of
information is born or created, it is used, shared, and
stored as it is maintained and managed through the
identity life cycle.
3.) Information is destroyed – information may be
destroyed by a consumer as in closing accounts or
destroying credit cards, or by a company closing an
account and deleting the information. Note: A person
who has died is still at risk of having their key personal
identifiers used if the death was not communicated
timely to the appropriate administration or the
administration fails to record the information timely, or
at all.
A continuous risk assessment must be performed
throughout the identity life cycle to determine:
C.) What are potential fraud implications?
D.) What are the options for dealing with the risks?
When collecting personal identifiable information for your
company, it is critical to have an ongoing risk assessment
evaluation process in place as well as systems to protect
the information. This system should include employee
education for handling the information and the risk
involved.
In regards to your own personal identifiable information,
take steps to reduce your risk by limiting who you share
your information with and evaluate the company who
collects your information to make sure they have systems
in place to protect it. With a world of technology there is no
way to completely eliminate identity theft, however, with
added precautions you can certainly mitigate your risk.
A.) Which pieces of information obtained can lead to
identity theft.
B.) What are the threats facing the identity components?
MOMENTUM / May 2017
35