Skip to main content

Identity Theft Protection While Job Hunting

Twelve Truths that may help you protect yourself or someone you know . . .

Layoffs and cutbacks are directly affecting many of us today.  Most of us know someone, if not ourselves, who are looking for employment.  Help protect yourself or a friend from identity theft when applying for a new position!  Below is a list of Twelve Truths that may help you protect yourself or someone you know from Identity Theft while shopping for a job:

Truth #1: If you’re going to post a resume online, post your resume “privately.”
Truth #2: Not everyone who has access to a resume database should.
Truth #3: Not every job offer you see is for a real job — some jobs are just scams.
Truth #4: The more general the email “job” offer, the less valid it usually is.
Truth #5: Even the most careful, conscientious sites cannot control your resume after someone
has downloaded it.
Truth #6: Unless you are applying to the Federal or State government, never put a Social Security
Number on your resume.
Truth #7: Using a disposable e-mail address and a PO Box can save you from many headaches.
Truth #8: Things to omit from your resumes if you post it online –
Your references, for sure. Your school name, possibly.
Truth #9: Some resume databases are better than others.
Truth #10: Delete does not always mean delete.
Truth #11: Keeping good records is crucial for online job searching – don’t forget any of the websites
where you post your resume.
Truth #12: Prevention is better than the cure!

Florida Identity Theft Ring Busted

An identity theft ring used counterfeit checks to steal at least . . .

An identity theft ring that included bank employees, bank supervisors and a postal worker used counterfeit checks to steal at least $100,000 across South Florida in recent months.  Of 46 people suspected of being in the ring, 24 so far have been arrested.

The suspects stole people’s personal information, such as payroll and rebate checks, during home and car burglaries. That information was used to create fake checks that were cashed at Wal-Mart, Publix supermarkets, check-cashing stores, banks and other locations in Broward and Miami-Dade counties.

HIPAA Doesn’t Apply to You . . . or Does It?

Your company’s failure to comply with requirements can result in . . .

It certainly seems logical that if your company is not involved in the provision or management of health-care services, then the requirement of the Health Insurance Portability and Accountability Act or HIPAA, which, among other things, mandates certain treatment of medical information about individuals, does not apply to your company.

However, because one of the purposes of HIPAA is the protection of certain health information, depending on the specific circumstances surrounding your company’s group health plan, your company may be required to comply with certain HIPAA provisions.  If applicable, your company’s failure to comply with HIPAA’s requirements can result in significant expense and administrative burdens for your company.

The determination of whether an employer is required to comply with HIPAA regulations and, if so, the employer’s compliance requirements can be made only after an evaluation of the specific facts of the employer’s involvement with the group plan.  Failure to comply as required can result in an employer and its employees being subject to significant monetary penalties, additional administrative costs, and even imprisonment.  Accordingly, if your company sponsors a group health plan, you should consult with a legal advisor who has expertise in the area of HIPAA compliance to determine the extent, if any, to which your company is required to comply with HIPAA and, if so, the steps necessary for compliance.

Pinellas County Government Breach

Improperly disposed of documents from the County and State levels . . .

Branches of county and state government in Pinellas County Florida have improperly disposed of documents that contain citizens’ sensitive personal information.  The report states that Hundreds of documents were involved, and the inappropriate disposals may violate state and federal law.  “Citizens are forced to provide confidential information to the government,” said Bob Melton, the clerk’s audit director.  “So the government has a huge responsibility to ensure that information is protected and in these cases, it was not.”

HIPAA NEWS – HIPAA Privacy Fine $4.3 Million

Clinics Failed to Provide Patients with Records Access . . .

For the first time, federal officials have issued a civil monetary penalty to a healthcare organization for violations of the HIPPA privacy rule. Cignet Health of Prince George’s County, Md., was fined $4.3 million for the violations that involved failing to provide 41 patients with access to their medical records and then failing to cooperate with federal investigators.

The individuals affected filed records access complaints with the HHS’ Office for Civil Rights between September 2008 and October 2009. The HIPAA privacy rule requires that a covered entity, such as a clinic or hospital, provide a patient with a copy of their records no later than 60 days after a request. HHS imposed a “civil monetary penalty” of $1.3 million for Cignet’s violation of this requirement.

HHS explained in a statement that Cignet refused to respond to OCR’s demands to produce the records and failed to cooperate with OCR’s investigations of the complaints and produce the records in response to a subpoena. OCR filed a petition to enforce its subpoena in a U.S. District Court and obtained a default judgment against Cignet on March 30, 2010. On April 7, 2010, Cignet produced the medical records to OCR, but otherwise made no efforts to resolve the complaints through informal means, HHS said.

Cignet failed to cooperate with OCR’s investigations from March 2009 to April 2010, constituting willful neglect to comply with the HIPAA privacy rule, according to HHS. HIPAA covered entities are required under law to cooperate with the department’s investigations. The fine for these violations was $3 million.

Massachusetts General Hospital pays $1 Million in Settlement

Case involved loss of documents that included information on patients with HIV/AIDS . . .

In the second major HIPAA enforcement agency announced by federal authorities this week, Massachusetts General Hospital and its physicians organization have entered into a resolution agreement that calls for paying a $1 million settlement and taking corrective action to avoid future violations. The case involved the loss of documents that included information on patients with HIV/AIDS.

Earlier this week, the Department of Health and Human Services announced a $4.3 million civil monetary penalty against Cignet Health. That case apparently included a heftier financial penalty because it did not involve a negotiated resolution agreement.

With the two announcements of penalties for HIPAA privacy rule violations, HHS’ Office for Civil Rights appears to be giving strong signals that its long-promised plans to ramp up enforcement efforts are now a reality. “We hope the health care industry will take a close look at this agreement and recognize that OCR is serious about HIPAA enforcement,” said OCR Director Georgina Verdugo.

The resolution agreement with Massachusetts General stems from the loss of scheduling documents for 192 patients in the hospital’s General Infectious Disease Associates outpatient practice, including those with HIV/AIDS. OCR initiated its investigation when a patient whose information was lost filed a complaint.

The patient encounter billing forms and schedules were lost on March 9, 2009, when a hospital employee, while commuting to work, left them on a subway train. They included such information as names, medical records numbers, insurance information and diagnoses.

The corrective action plan calls for Massachusetts General to:
*Develop and implement a comprehensive set of policies and procedures that ensure patient information is protected when removed from the hospital;
*Train staff members on these policies and procedures;
*Designate the director of internal audit services of Partners Healthcare System, the hospital’s parent company, to serve as an internal monitor who will conduct assessments of the hospital’s compliance with the corrective action plan and submit semi-annual reports to HHS for three years.

In a statement, Massachusetts General said that in addition to the new policies and procedures, it would also take the extra security steps of encrypting laptops and USB drives.

Two Are Charged With Fraud in iPad Security Breach

Charges of fraud and conspiracy in obtaining and distributing the e-mail addresses of 114,000 iPad owners . . .

Federal prosecutors arrested two men on charges of fraud and conspiracy in obtaining and distributing the e-mail addresses of 114,000 iPad 3G owners.
Those affected by the breach included military personnel, members of the Senate and the House of Representatives, and employees of NASA and the Department of Homeland Security.
Each man is charged with one count of conspiracy to access a computer without authorization and one count of fraud, according to the United States district attorney’s office in Newark. Each count carries a maximum penalty of five years in prison and a $250,000 fine.
The Goatse Security group, which the two men are a part of, originally maintained, in an open letter to AT&T in June, that it exposed the security vulnerability on the company’s site to alert it to the problem. The flaw allowed anyone to discover e-mail addresses by submitting potential iPad identification numbers to the site.
No actual e-mail messages were available through the security hole. But AT&T has described the group’s collection of data as “malicious” and has said that it could have exposed customers to spam or fraud.

 

Man Pleads Guilty in Florida Identity Theft Case

Admitted to having 100s of debit cards in other people’s names sent to girlfriend’s house . . .

Jimmy Lee Theodore, 27, faced charges for identity theft, wire fraud and unauthorized debit card use.  In West Palm Beach federal court, he admitted to having hundreds of debit cards in other people’s names sent to his girlfriend’s Pembroke Pines house. According to court records when U.S. postal inspectors went to the home, they found Holy Cross Hospital patient records as well as hundreds of patient records from a doctor’s office. The wire fraud charge on its own carries a maximum sentence of 20 years in prison. Theodore had recruited his aunt to get her friends — one who worked as an emergency room clerk at Holy Cross Hospital — to steal patients’ records. The hospital clerk, Natasha Orr, cut a plea deal with federal prosecutors in January and could face up to 10 years in prison when she is sentenced later this month.
Holy Cross Hospital computer technicians found Orr had accessed about 1,500 patient files between April 2009 and September 2010. The hospital ended up offering free identity-theft monitoring to more than 44,000 patients who visited the emergency room during that period.
Source: (The Sun Sentinel, “Ringleader in Holy Cross Hospital ID thefts pleads guilty,” Jon Burstein, 6 Apr 2011)

 

It’s a Sad Time for All of Us at Crown Shredding

Adam Johnson, our Operations Manager, passed away suddenly on April 22nd, 2011 . . .

Adam was a wonderful, warm person. He was soft spoken, shy and non-confrontational. If you ever had the pleasure of speaking with him, you would find his voice soothing and courteous. He was the creative mastermind behind our routing, and when it came to scheduling, he would do his level best to accommodate a client’s needs. Adam loved his work, and it showed.

From candy to Disney, Adam loved all things sweet! It was not unusual to find him with a coke and a Reese’s peanut butter cup nearby. His sense of humor was dry and usually included a movie line zinger! He always found it fun when you would respond in kind! He could talk about movies and video games for hours and when he did, his face would light up, like a kid at Christmas… or maybe I should have said Halloween, since that was his favorite time of the year. Adam used to go to Mickey’s Not So Scary Halloween party in the Magic Kingdom at Disney World. He loved the trick or treating, the dressing up, the costumes, parades, music and fireworks. He especially loved seeing the families together. Adam had a special place in his heart for family. He enjoyed spending time with his parents and sister and spoke highly of his brother. He shared dreams of marrying his fiancé Aimee, and raising children some day. He was also part of the Crown Shredding Family. A family of individuals working together, looking out for each other and helping each other grow. A family who celebrates each other’s triumphs and supports each other during the hard times. A family who will now mourn together, and provide strength for each other during this very difficult time. A corporate family who will miss and honor the memory of Adam Johnson.

“When death touches our circle, it prompts memories of the life that was lived and how it intersected with our own.”
-Debbie Burgamy