Industrial espionage is an ever-increasing problem. Companies can spend millions of dollars on research and development, only to have their ideas stolen by a competitor.
Most people don’t know it, but there is a group of individuals who specialize in competitive intelligence. They don’t advocate obtaining intelligence illegally, but do you want to bet your business on their word?
That group is the Society of Competitive Intelligence Professionals (SCIP). Check out their website at www.scip.org. They even have a yearly trade show. Type “competitive intelligence” into your browser and you’ll be surprised by what you see. Make sure your information security plan has provisions for shredding any sensitive information, no matter how outdated you think it is.
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
The United States Department of Health and Human Services developed standards and requirements for the maintenance and transmission of health information that identifies individual patients. HIPAA will have a major, ongoing impact on healthcare providers.
The HIPAA compliance deadline is April 14, 2003. The Department of Human Services for Civil Rights is responsible for enforcing the privacy regulations, which will carry significant criminal and civil penalties.
The general penalty for failure to comply is $100 for each violation. The maximum penalty for all violations of an identical requirement may not exceed $25,000. Wrongful disclosure of individually identifiable health information carries a penalty of $50,000, imprisonment of not more than one year, or both.
An offense under false pretenses carries a penalty of $100,000, imprisonment of not more than 5 years, or both. An offense with intent to sell information carries a penalty of $250,000, imprisonment of not more than 10 years, or both.
1974 Federal Privacy Act
This act was established to ensure that government agencies protect the privacy of businesses and individuals with regard to information held by them, and to hold these agencies liable if there is an unauthorized release of information.
Financial Services Modernization Act or GLB Regulations
The Gramm-Leach-Bliley Act of 2000 requires companies significantly involved in financial activities to provide security and confidentiality for customers’ non-public personal records and information.
This law has impacted the financial industry. All covered businesses must be in full compliance by July 1, 2002.
Examples of non-public personal information:
• That an individual is a customer
• Customer’s name and address
• Social Security Number
• Account numbers
• Application information
• Consumer report information
• Credit card information
Identity Theft and Privacy Laws
New laws to help protect privacy are fast approaching. Identity theft is a growing problem, and states are stepping up with laws to protect the individual. These laws address the disposal of any record containing personal information. States that have currently adopted laws are:
Fair Credit Reporting Act 602. Congressional findings and statement of purpose [15 U.S.C. 1681] (a) Accuracy and fairness of credit reporting. The Congress makes the following findings: 4. There is a need to insure that consumer reporting agencies exercise their grave responsibilities with fairness, impartiality and a respect for the consumer's right to privacy.