A recent post on a FACTA-related lawsuit touched a nerve for at least one reader. Erick Mann, ID Theft Group Security Specialist, sent me the following, which he’s given me permission to post here:
I have found that the conversation sounds like a loop on a tape recorder: “We’re fine, that doesn’t apply to us” or “We’re compliant with HIPAA, we don’t have to do that” or better yet: “We are not going to participate!” “That doesn’t apply to us” (medical community), “We can do this ourselves, by internalizing!” The same with school districts. YOU CANNOT INTERNALIZE IT!
I brought it to the attention of a prominent hospital in Houston, Texas approximately a year ago and just a week ago I received a call from an insider who informed me that _______ hospital just had a major breach and that it came from the Emergency Room. Someone had been stealing patients’ information and selling it (of course) for a profit and it had been going on for approximately 5 years. WOW! Were people’s lives affected?
Now when you speak to the OCC and they don’t get it, something is terribly wrong! The banks, realtors, title companies, mortgage companies — after we show them the correct way that the doctrine reads in a PowerPoint presentation, the reply is “We have issues.” Well yes, you are not compliant, period! You have not started the compliance process! What a bunch of educated IDIOTS!
Is “reasonable” meaning 1/5, and does the other 4/5 of the compliance process not apply?
You ask them, “How do you mitigate the crime? Who is your Compliance Officer? Who is responsible for any and all civil and criminal liabilities re: ID theft in the workplace?” They don’t have a clue and ask, “What the hey are you talking about?”
One would have to be deaf, dumb and blind not to know America has a pandemic problem we are being faced with. This is “The perfect Storm!”
Well Vern, “YOU CAN’T FIX STUPID!” Know what I mean? I believe that is very true. I can show you time after time and meeting after meeting and if you wish to accompany me on a day’s outing just how staggering and how many DO NOT GET IT!! You would say “YOU CAN’T FIX STUPID!”
A quick story…
I talked to a company and gave them the information on FACTA, they knew that they were not in compliance. I asked if we could do the training for them. No, they were not interested. A couple of weeks later I had some information in my hands that was very incriminating for the company and I asked to speak to the CEO. I was refused. A week later, I was at a hotel for a meeting and a man came up to me about this company and I was told to “BACK OFF!” and that they were only going to tell me one time! Interesting? Well, I sent the information to the CEO and a nice letter with the information that included Gold American Express Credit Card numbers of employees that worked for the company, expiration dates, signatures, employee information, two bank account numbers with the signatures for international bank transfers of millions of dollars and NOTHING was done. They are still in violation of FACTA in the workplace.
Same thing with Boy Scouts of America — it’s all over and everyone seems to be passing the buck and pointing the finger in another direction. “It ain’t me, babe”.
The same goes for many doctors’ offices. They simply don’t care!
So what do you do?
Who does anything about the violators?
If we allow this to continue and do nothing we become culpable, too. ALL OF US!