John Herr – January 4, 2010
The Danger: Growing & Misunderstood
While the threat of identity theft is widely understood by consumers, the dramatic impact identity theft can have on worker productivity is much less appreciated. It takes people on average 330 hours to address an incident of ID theft. Much of that time needs to be taken during business hours when relevant agencies and offices can be contacted. The furtive phone calls, questions from co-workers, and struggles with the fax and scanner machines add up quickly. That average figure of 330 hours – or the equivalent of eight work weeks – takes place over the course of 4-6 months to repair the damage, according to the non-profit Identity Theft Resource Center. When you aggregate the published research data, we’re looking at more than 3 billion hours lost to identity theft in the US every year in the form of personal days or workday distractions.
As the scope and severity of identity theft expands, resolution alone isn’t the only challenge – the specter of a breach becomes a drain on morale and an energy-draining source of background anxiety for all workers. This is particularly the case for workers responsible not only for protecting their own identities, but also those of their colleagues – think of security, finance or human resource professionals. Recent Gallup research shows that 66% of American adults are worried about identity theft. “Hiding” behaviors undertaken in the workplace in the belief that they’ll limit the threat consume time and may actually do more harm than good.
Since independent research shows that the majority of identity theft takes place in offline contexts – via paper records sitting on office desks, for example – progressive business owners are taking action to fully protect their businesses, employees, customers, and other stakeholders. It’s remarkably cost-effective and pays many dividends, particularly for human resources departments and the employees they serve.
The Solution: Cost-Effective, Complete and a Chance to Connect with Employees
To begin with, companies should consider offering ID protection and restoration alongside traditional benefits such as medical and life insurance for the same reason they offer employee assistance plans or vacation days –to attract and retain the best talent and to differentiate them from the rest of the pack.
Employers can also protect themselves from liability by minimizing breaches of personal employee data. With ID theft now America’s fastest-growing criminal enterprise – surpassing drug trafficking – this is no small consideration. 35 million records were jeopardized in 2008, according to the nonprofit Identity Theft Research Center. For example, the Federal Trade Commission noted that in 2007, 14% of these thefts occurred in the workplace.
In 2005, a new provision of the Fair Access to Credit Transactions Act (FACTA) became law. It set out that any employer whose action or inaction results in the loss of employee information can be fined by federal and state government, and sued in civil court. An employee is entitled to recover actual damages sustained if their identity is stolen due to the employer’s inaction, or statutory damages up to $1,000. Employees may also bring class-action suits against employers for actual and punitive damages. Plus, federal fines of up to $2,500 per employee, and state fines of up to $1,000 per employee also may be levied.
Offering identity theft protection as an employee benefit can provide some affirmative defense against potential fines, fees, and lawsuits. An employee can elect whether or not to have the cost deducted from wages, or it may be paid for by the employer. The most important thing is to make it somehow available, and to have an all-hands meeting on identity theft. Materials and explanations should be provided during orientation, as is done with health insurance.
If employees enjoy coverage and experience a breach, the employer is protected too: the affected individuals will spend less time and money dealing with the situation. If an employee decides against taking the protection and later asserts their identity was stolen due to the company or its employees, the employer has signed documentation that the would-be claimant has declined coverage.
While all benefits are designed to attract the best employees and improve performance, this particular benefit bears more resemblance to basics like medical or vision care than it does to perks like dry cleaning. All of these benefits are intended to minimize distractions or errands away from the worksite, but identity theft is particularly pernicious and productivity-threatening because of the way it can severely disrupt a victim’s life – like a medical incident.
This is a new frontier in benefits, and one we believe will grow exponentially over the next several years. About 4 out of 10 people report experiencing identity theft or know someone who has. Nearly 9 in 10 consumers would consider purchasing ID Theft Protection Services. The rapid expansion of identity theft makes it nearly certain, as does the ease and low cost with which protection can be added. In the case of our company, it is as little as $2.50 per employee per year. Human resources professionals can differentiate and accelerate their career advancement by tackling this issue proactively.
Aside from instituting an identity theft protection and restoration service as a benefit, HR professionals should be promoting best practices throughout their organizations to minimize liability and productivity loss. These practices can be applied in the home office, at the worksite desk, at the client site, and in many other contexts. Employees should be encouraged to:
- Shred bank, credit card, and other statements with printed account numbers
- Get a locking mailbox
- Create unique online passwords, change them regularly and don’t keep them on post-its or paper out in the open
- Refuse to use your social security number, date of birth, or other such data as a password when dealing with call centers and businesses
- Sign up for an identity protection service that monitors for both online and offline breaches and restores identity
Human resources professionals should also counsel their management to support the development and implementation of a workplace ID security policy. Given the policy implications outlined above, a company’s legal counsel will likely support HR professionals in any such efforts. Relevant language and trainings can be easily and cost-effectively folded into other safety activities like fire drills. While identity theft is perhaps less physically destructive than a fire or similar incident, it does have just as much power to drain dollars and morale out of your business.
President and Chief Executive Officer
John served as a board member and advisor to Custom Direct and EZShield since early 2008. He is a seasoned executive in the internet and technology marketplace. Over a period of six years at PayPal and eBay, John helped grow revenue from $400 million to nearly $8 billion. Prior to PayPal and eBay, John was SVP/GM at Buy.com, taking them from start-up to over $800 million in revenue. He worked for a number of years at Ziff Davis Publishing in senior executive roles in sales & marketing, general management, and international operations. John also worked in consumer marketing as a brand manager at Johnson & Johnson, and as a strategy consultant at Bain & Company. John has a Bachelor’s degree in Economics from Harvard University and earned his MBA from the Harvard Business School.