KEEPING DATA SECURE—AND BEING READY WITH CRISIS RESPONSE

 

Here’s something an increasing number of Payroll pros have had to tell employees: “Your identity has been stolen.”

 

Fact is, 7% of the U.S. population – 17.6 million citizens – fell victim to identify theft in 2014, according to Mark Eichorn of the Federal Trade Commission (FTC), who spoke at the 2017 Capital Summit.

 

And because of the growing number of email scams targeting Payroll departments, these crimes are hitting close to home.

 

Prevention is the best medicine

 

Eichorn told conference attendees the FTC has tons of useful advice for keeping employee info safe. The FTC suggests you:

 

Start with security in mind. That means collecting only info you truly need, and destroying it as soon as there’s no longer a business need.

 

Control access sensibly. Tips: Restrict access to the most sensitive data, and limit admin access.

 

Create secure passwords. The FTC suggest insisting on using complex and unique passwords, and storing those passwords securely.

 

Responding to disaster

 

Of course, there are times when Payroll’s info will be compromised – despite everyone’s best intentions. The IRS has compiled a number of contacts to use if data is stolen.

 

Here’s what you should know:

 

Reporting to the IRS: email dataloss@irs.gov

 

Reporting to state tax agencies: email StateAlert@taxadmin.com for info and

 

Reporting to the FBI’s Internet Crime Compliant Center: visit www.ic3.gov

 

You’ll then need to advise employees. The IRS suggests you:

 

Sent the Taxpayer Guide to Identity Theft (tinyurl.com/5027529), and

 

Visit www.identitytheft.gov for ways to recover from ID theft.

 

If you receive a W-2 scam email but don’t fall victim, the IRS asks you to forward the email to phishing@irs.gov.