National Identity Fraud Prevention Week (6th–12th October).

In our recent survey a staggering 85% of you told us that you had found sensitive or confidential information lying around the office – this included potentially damaging memos and correspondence, confidential customer data, bank account details – and even a credit card!

Even more worrying, 70% of you told us that your company issued no formal guidance on what to shred and that you simply "used your initiative". Although this says much for the loyalty and dedication of the nation’s PAs, it says little for your company’s security procedures.

Government figures show that identity fraud costs the UK economy over £1 billion annually – but the emotional cost to victims is incalculable. Business has a significant role to play in helping to protect the identities of their customers and employees.

The statistics are frightening!

Independent pan-European market research, for National Identity Fraud Prevention Week, shows that:

• 97% of British consumers are not completely confident that the organisations they deal with take adequate steps to protect their information and prevent identity fraud
• Furthermore, it would seem that their feelings are justified – 92% of employees surveyed confessed that the identity of employees and customers of their company could be stolen by a fraudster
• 75% believe that their organisation should be doing more to prevent ID fraud

• 56% of British employees think sensitive documents could be stolen from people’s desks
• 53% believe papers could be stolen from their company’s paper-based filing systems
• 72% believe that dishonest employees could leak information to ID fraudsters
• 63% believe that information could be stolen from the company’s computer system
• 56% believe employees’ and customers’ identities could be obtained from company bins and one in ten actually admitted to putting sensitive documents straight in the bin, still intact

In a bid to encourage best practice and to encourage businesses to take action now, National Identity Fraud Prevention week has issued the following guidelines:-

PROTECT YOUR EMPLOYEES AND CUSTOMERS

Limit Access - Only key members of staff should have access to highly sensitive documents.

Inform staff – about the risk of identity fraud and caution them about giving out company information without first checking who they are giving the information to.

Introduce a clean desk policy – This reduces the risk of identity theft in the workplace as passwords and confidential information gets locked away.

Protect customer information - From small retail outlets to large corporations, all businesses are responsible for the protection of their customers’ data. Businesses should have comprehensive security strategies in place.

Understand your systems - Know what personal information you have in your files and on your computer. Understand how personal information moves into, through, and out of your business and who has access — or could have access to it. For example if you are a retail outlet, make sure you follow the rules and regulations regarding abandoned credit card receipts.

Minimise what you keep - Keep only what you need for your business. These days, if you don’t have a legitimate business reason to have sensitive information in your files or on your computer, don’t keep it.

Keep data secure - Protect the information you keep. Be cognisant of physical security, electronic security, employee training, and the practices of your contractors and affiliates. Lock away sensitive documents in a safe place and limit access to these documents to the staff who really need them.

Shred all documents - Businesses have a duty of care to protect their employees’ and customers’ information and a legal obligation under the Data Protection Act.

Remember, plan ahead - Draft a plan to respond to security incidents. Designate a senior member of your team to create an action plan before a breach happens. It is also vital to promptly pass along information and instructions to employees and customers themselves regarding any new security risks or possible breaches.

STEPS YOU CAN TAKE TO PROTECT YOURSELF INCLUDE:

• Keep your personal and confidential documents secure
• Always shred, using a cross cut shredder, before disposing of documentation – bank and credit card statements, utility bills, receipts, direct mail containing any personal information, mortgage applications etc
• Regularly check your bank and credit card accounts for unusual transactions
• Regularly obtain a copy of your credit report from credit reference agencies Callcredit, Equifax or Experian, and monitor it for discrepancies
• When you move home, redirect your mail from your old address to your new address for at least a year. You can now apply online 24/7, visit: www.royalmail.com/redirection for more information
• Going away? If you're planning to be away from home, you’ll want to make sure you don’t leave any obvious clues, like a pile of mail on your doormat, contact Royal Mail about their 'Keepsafe' service which will hold your mail for up to two months, and deliver it on your return. For more information visit www.royalmail.com
• Regularly check your bank and credit card accounts for unusual transactions
• Never give out any personal information to unidentified individuals or organisations who contact you by phone, email or face-to-face
• Visit www.met.police.uk/fraudalert/ for information on different types of fraud.
• Never respond to e-mails asking for personal or financial information. Be especially careful when sending personal information over the internet.
• If you receive an email that warns, with little or no notice, that an account will be shut down unless you reconfirm billing or security information, you should not reply or click on the link in the email. Instead, contact the institution cited in the email using a telephone number or web site address you know to be genuine.
• Use up-to-date anti-virus software and a personal firewall and, if your computer uses the Microsoft Windows operating system, keep it updated from the Microsoft website. Be extra careful if using Internet cafes or any PC which is not your own and over which you have no control. If in doubt, a good place to get help and guidance on how to stay safe online is your bank's website. Check regularly for specific information and guidance on protecting your PC and yourself online.
• Avoid emailing personal and financial information. Before submitting financial information through a web site, look for the ‘lock’ icon on the browser's status bar. It signals that personal information is secure during transmission.
• Never give personal information to people calling from companies you have not dealt with before. Always check the identity of these people by calling them back. Obtain their office number from directory enquiries and then confirm their position with the switchboard before speaking to them
• If you have been a victim of identity fraud involving the use of plastic cards, online banking or cheques, the matter should be reported direct to the financial institution concerned. They will then be responsible for further investigation and, where appropriate, onward reporting to the police. Other incidents should be reported to the relevant organisation and, dependent on their advice, to your local police station

The National Identity Fraud Prevention Week team has produced a free ‘Protecting Your Identity’ guide. For this and more information on how to protect yourself, and how to cope if you are a victim of identity fraud, visit the official campaign website, www.stop-idfraud.co.uk. In addition, an online identity theft risk assessment is available here.