Following changes to the Privacy Act, businesses are now under greater pressure to deal with, and dispose of, confidential information safely, both for their own protection and privacy, and that of their customers and staff members. Business need to be pro-active in preventing business identity theft.
National Identity Fraud Awareness Week
National Identity Fraud Awareness Week (NIFAW) is an awareness campaign aimed at
educating small and medium Australian businesses about their obligations under privacy law, and offering practical tips to help you protect sensitive identifying information. There are still penalties for those that breach the guidelines.
According to NIFAW, identity theft is not only a threat to individuals – businesses are also at risk of having their identity stolen, termed ‘corporate identity fraud’.
By stealing a business identity, the criminal is able to pass themselves off as a representative of the business, to obtain credit, goods, services, access bank accounts or engage in other fraudulent activity.
Keep Sensitive Information Safe
To keep sensitive information safe and protect against the growing risk of this white collar crime, NIFAW offers some useful strategies and tips, including:-
- have systems in place to authenticate an individual’s identity and that they really are who they say they are before releasing any information or acting on their behalf;
- dispose of all documents safely, and create a disposal policy in your workplace, to ensure the safe disposal of all personal and identifying information;
- store sensitive documents under an appropriate lock system, and limit access to appropriate staff members only;
- confetti cut shredders provide the greatest security;
- educate staff about privacy obligations and risks to customers and the business; and
- create appropriate electronic systems and safeguards to avoid any hacking.
Does your business have a privacy policy in place?
National Identity Fraud Awareness week is an ideal time to review the security protocols in place at your business.
Ask yourself:
- who can access sensitive information at your business?
- do you need to install lockable filing systems, password protected areas on your computer or other security mechanisms to ensure sensitive information is secure, particularly bank details / credit card details of both your business and your customers?
Review your businesses privacy policy
- Is it relevant? Does it outline applicable procedures which your staff need to follow? Update it if need be to keep it relevant and effective;
- Are your staff aware of your privacy policy? Do they have a copy of it and understand what it means;
- Offer continuing education and awareness to your employees so that your staff remain mindful of privacy issues, and comply with privacy protocols. This can done through newsletters, email updates, staff meetings, etc. If your business does not already have a privacy policy in place, take a look here.
Other information you might be interested in
Recent changes to the Privacy Act and what this means for you