280 likes | 413 Views
Quick Quiz Identity Theft Protection and Your Law Firm. Disclaimer. This quiz is intended for educational purposes only. Any information contained herein is provided “as is” and does not constitute legal advice, nor should it be used in lieu of competent legal counsel.
E N D
Disclaimer This quiz is intended for educational purposes only. Any information contained herein is provided “as is” and does not constitute legal advice, nor should it be used in lieu of competent legal counsel. Click anywhere to continue.
Instructions This five-minute quiz will determine how much you know about identity theft protection and your law firm. For each question, just click on the appropriate answer. Click anywhere to continue.
Which of these illegal activities generates the most money on a global scale? • Narcotics Trafficking • Identity Theft • Padding Legal Fees
Sorry, that’s incorrect. The revenue from trafficking financial data has surpassed that of drug trafficking. – Secret Service, March 2007 What’s more, increasing levels of identity theft, continuing illegal immigration, the high cost of healthcare, and the ongoing economic recession are likely to sustain the rapid expansion of the black market for personal identity data in the future. Click anywhere to continue.
You’re Right! The revenue from trafficking financial data has surpassed that of drug trafficking. – Secret Service, March 2007 What’s more, increasing levels of identity theft, continuing illegal immigration, the high cost of healthcare, and the ongoing economic recession are likely to sustain the rapid expansion of the black market for personal identity data in the future. Click anywhere to continue.
True or False? Since the FTC Red Flags Rule doesn’t apply to attorneys or law firms, I don’t need to worry about identity theft. • True • False
Sorry, that’s incorrect. Although attorneys have been tentatively excluded from the FTC Red Flags Rule, local, state, and federal legislation including HITECH, HIPAA, FACTA and others fully apply to attorneys. Furthermore, regardless of statutory requirements, failure to protect personal identity data, by either exposing or corrupting it, is increasingly leading to civil litigation. Click anywhere to continue.
You’re Right! Although attorneys have been tentatively excluded from the FTC Red Flags Rule, local, state, and federal legislation including HITECH, HIPAA, FACTA and others fully apply to attorneys. Furthermore, regardless of statutory requirements, failure to protect personal identity data, by either exposing or corrupting it, is increasingly leading to civil litigation. Click anywhere to continue.
True or False? Those with enough knowledge and influence can easily recover from identity theft. • True • False
Sorry, that’s incorrect. James is an identity theft victim in the southeastern United States, who was recently arrested because a criminal had stolen his identity and used his information with the police when being charged with a DUI. James’ wife was a clerk for a state Supreme Court Justice. She was able to get him out of jail, but she was not able to successfully correct his record in the many criminal databases. Several months later, James was arrested again. His wife, now an Assistant Attorney General of the state, was again able to free her husband, but not to completely correct his record. He and his wife expect that he will be arrested again in the near future. Click anywhere to continue.
You’re Right! James is an identity theft victim in the southeastern United States, who was recently arrested because a criminal had stolen his identity and used his information with the police when being charged with a DUI. James’ wife was a clerk for a state Supreme Court Justice. She was able to get him out of jail, but she was not able to successfully correct his record in the many criminal databases. Several months later, James was arrested again. His wife, now an Assistant Attorney General of the state, was again able to free her husband, but not to completely correct his record. He and his wife expect that he will be arrested again in the near future. Click anywhere to continue.
What percentage of data breaches are caused by human error? • Less than 20% • About 30% • About 40% • More than 50%
Sorry, that’s incorrect. More 50% of data breaches are a result of human error, and are therefore largely preventable at no or low cost through a combination of training and data security policies. Click anywhere to continue.
You’re Right! More 50% of data breaches are a result of human error, and are therefore largely preventable at no or low cost through a combination of training and data security policies. Click anywhere to continue.
True or False? Businesses/firms that suffer a data breach can reverse the damage by notifying their clients of the breach and providing credit monitoring services. • True • False
Sorry, that’s incorrect. Once a breach has occurred, it is practically impossible to prevent or reverse the damage to clients. They may be subject to multiple forms of identity theft, including drivers license, social security, medical, character/criminal and financial. Credit monitoring only addresses financial identity theft, and it generally cannot prevent future identity theft from occurring; it can only provide notification after the fact in many cases. Click anywhere to continue.
You’re Right! Once a breach has occurred, it is practically impossible to prevent or reverse the damage to clients. They may be subject to multiple forms of identity theft, including drivers license, social security, medical, character/criminal and financial. Credit monitoring only addresses financial identity theft, and it generally cannot prevent future identity theft from occurring; it can only provide notification after the fact in many cases. Click anywhere to continue.
True or False? There is no need to notify clients or customers of a breach unless required by the law. • True • False
Sorry, that’s incorrect. Even if not required by law to notify clients/customers of a breach, a company or firm can be held liable if its failure to provide notification results in additional damages. In addition, lawyers may have an ethical duty to notify clients of a breach. In cases where notification is legally required, violation of these laws can result in the suspension or revocation of attorney’s licenses. Click anywhere to continue.
You’re Right! Even if not required by law to notify clients/customers of a breach, a company or firm can be held liable if its failure to provide notification results in additional damages. In addition, lawyers may have an ethical duty to notify clients of a breach. In cases where notification is legally required, violation of these laws can result in the suspension or revocation of attorney’s licenses. Click anywhere to continue.
True or False? Even if I protect identity data that is under my direct control, I can still be held responsible for what happens after I pass it on to a third party. • True • False
Sorry, that’s incorrect. If you allow identity data to pass to a third party who does not have reasonable safeguards in place and has not complied with identity theft, data security, data destruction and privacy laws, you may be held responsible. This applies to custodial services, shredding services, data hosting/backup, copier/office equipment companies and more. Click anywhere to continue.
You’re Right! If you allow identity data to pass to a third party who does not have reasonable safeguards in place and has not complied with identity theft, data security, data destruction and privacy laws, you may be held responsible. This applies to custodial services, shredding services, data hosting/backup, copier/office equipment companies and more. Click anywhere to continue.
Which of the following steps, taken now, can protect your firm in the event of a breach? • Training your staff on how to properly handle identity data. • Enacting a written data security policy for all staff. • Formally appointing an Information Security Officer for the firm. • All of the above.
That’s partially correct. All of the steps listed may protect your firm in the event of a breach. The time to train your staff and adopt appropriate policies is now, before a breach occurs. The costs are extremely low, compared to the potential damages caused by a failure to safeguard personal identity information. Click anywhere to continue.
You’re Right! All of the steps listed may protect your firm in the event of a breach. The time to train your staff and adopt appropriate policies is now, before a breach occurs. The costs are extremely low, compared to the potential damages caused by a failure to safeguard personal identity information. Click anywhere to continue.
Identity Theft Protection Training from the South Carolina Bar On May 20, 2010, the SC Bar is offering a seminar and live webcast titled, “Identity Theft, Data Protection and Privacy: Obstacles and Opportunities for all Attorneys.” Don’t wait until a breach exposes you to liability. Take this opportunity to ensure that proper training and safeguards are in place in your firm. Also coming in May 2010, look for compliance training seminars online from the SC Bar. You and your staff will learn how to protect client identity data from collection to disposal, insulate your firm from liability and comply with relevant state and federal legislation.