There’s no such thing as a free lunch but there’s free fraud protection services? I don’t understand the business model here. David Weldon reports:
Organizations that suffer data breaches may now be able to offer free fraud protection to their customers through a new program announced this week.
Austin, Texas-based data security and analytics company XOR Data Exchange has launched a new platform, the Compromised Identity Exchange, which “aims to protect U.S. consumers, businesses and government entities from data breach-related identity theft and fraud.”
Participation in the exchange is free to organizations that have suffered a data breach of personally identifiable information in order to drive widespread protection for breach victims.
Read more on Information Management.
I looked at XOR’s web site and still don’t understand this whole thing. Nor do I understand the legal implications of any of this in terms of sharing information if such sharing has not been included in any privacy policy – especially for covered entities or business associates under HIPAA. And how does the exchange know that a requestor isn’t a criminal?
Maybe if I have more coffee and start again on their site, it will make sense to me, but right now, I’m just scratching my head and hearing the tiny jingle of warning bells that I haven’t clearly identified.
If anyone from XOR wants to get in touch with me to break this all down in tiny pieces of information for my brain to process, that would be nice.