Identity Theft: The US Legal Environment and Organisations' Related Responsibilities

In this paper, the authors discuss an organisation's responsibilities to mitigate the opportunity for identity theft. They also provide guidance to evaluate and implement controls useful in addressing identity theft risk. Identity theft is the criminal act of assuming the identity of another pe...

Full description

Saved in:
Bibliographic Details
Published in:Journal of financial crime 2004-08, Vol.12 (1), p.33
Main Authors: Gerard, Gregory J, Hillison, William, Pacini, Carl
Format: Article
Language:English
Subjects:
Corporate responsibility
Federal legislation
Fraud
Identity theft
Internal controls
Personal computers
Software
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper, the authors discuss an organisation's responsibilities to mitigate the opportunity for identity theft. They also provide guidance to evaluate and implement controls useful in addressing identity theft risk. Identity theft is the criminal act of assuming the identity of another person with the expectation of gain. The gain is normally financial as a result of extending credit improperly, allowing banking transactions, establishing cellular telephone or utility services, or accessing governmental benefits. It is estimated that identity theft resulted in the loss of $221 billion worldwide in 2003, with $73.8 billion lost in the US alone. Issues addressed here relate to organisations that collect, assemble, process, store and retrieve information about individuals. Many organisations may not recognise the potential liability of not controlling information risks. This paper identifies the legal and moral responsibilities, risks, and related internal controls associated with personal information about an organisation's customers, employees, and other stakeholders.
ISSN:1359-0790
1758-7239