EmployeeScreenIQ Blog

This story out of the Palm Beach Post caught my eye because it involves so many warning signs that an employer missed or failed to follow up on and ultimately resulted in disaster.  Erika Morales showed up for her first day of work at a medical supply company with an electronic monitoring device courtesy of Palm Beach county.  When asked, she said that she needed to resolve a domestic issue.  The employer never followed up.  Ms. Morales was given access to the personal information of hundreds of clients and in turn used that information to commit identity theft and steal from them.

She is now in jail and charged with 25 counts of identity theft.  See story.

Here’s what we learned in the wash.  The employer says that they conducted an employment background check.  Of course the first signal that perhaps the check was flawed would have been the lovely jewelry she wore around her ankle.  Here’s what they missed:

• If they would have conducted employment verifications or professional reference interviews they could have known this from her past employers:
  • • Walmart: stole two $500 gift cards.
    • Yellow Cab: stole more than $4,000 by logging phony trips and running customers’ credit cards more than once.
    • Kauff’s Towing: stole about $2,500. Prosecutors declined to prosecute.
• If the would have run a credit report, they would have seen that she had over $78,000 of liens and judgments against her.
• And then to 6 arrests for fraud and a two year stint in prison that might have been revealed if a proper criminal background check was completed

Who know how much this will cost her employer or how badly their reputation has been damaged.  It could have been avoided with an inexpensive, but thorough employment background check.

Continue Reading

We are intrigued by how quickly and stealthly (word? we’ll add that to the “Nicktionary”) the March 1st deadline for complying with the new Massachusetts Data Security Regulations came and went.  We also think that there isn’t a whole lot of information out there about exactly who this affects and how they can comply; not even from the state’s attorney general.  So we sought the expert advice of Massachusetts attorney Michael S. Kraft to help educate us.  Check out our podcast below which highlights what the regulations entail, who they affect and how companies can get in compliance.  While the regulations are fairly sweeping and apply to more than just human resource practices, we focused on the personal data employers receive from job applicants and their employment applications and background check releases.

Also, Michael offered the following compliance checklist for employers:

• Develop a written information security plan (WISP);
• Identify all foreseeable risks in your organization by examining every nook and cranny where data enters, leaves or is stored;
• Implement security policies and procedures and train your employees
• Secure all paper and electronic records; provide encryption
• Obtain written assurances from all vendors that they are compliant
• Regularly monitor and review to insure compliance

Continue Reading

Massachusetts attorney Michael S. Kraft was kind enough to correct me on the entry I posted last week about the state’s new data security regulations.  According to Mr. Kraft, not only do organizations based in the state of Massachusetts need to draft a policy to protect personal information, but any business that has any employee or consumer customer located in Massachusetts.

I checked out his blog and also found other helpful advice for how employers can comply with these guidelines.

The new Massachusetts data security regulation goes into effect on Monday, March 1. If you have not yet begun to plan for the deadline, then likely either you are unaware of the requirements, or you are feeling overwhelmed by them. And who would blame you in light of the seemingly endless list of tasks:

• Develop a written information security plan (WISP);
• Identify all foreseeable risks in your organization by examining every nook and cranny where data enters, leaves or is stored;
• Implement security policies and procedures and train your employees
• Secure all paper and electronic records; provide encryption
• Obtain written assurances from all vendors that they are compliant
• Regularly monitor and review to insure compliance

You know that it is vitally important, both because it’s legally required and because it’s the right thing to do to protect your customers.  But where to begin? Do you need professional assistance – a lawyer or specialized IT firm to accomplish this task?  That really depends on the size and nature of your business, the data that requires protection and how much time and energy you are willing to devote to the process.  Many businesses are probably capable of accomplishing a lot on their own. For the most part, the regulation is a straightforward recitation of the tasks needed to comply. But is that the best use of your time? Noted author and business consultant Andy Birol would caution business owners to judge very carefully those tasks that they choose to do by themselves and those that are properly delegated.

More

Continue Reading

It’s been fairly smooth sailing for the E-Verify, the government program that allows employers to check the legal right to work status of an employee in the United states, since it was made mandatory for federal contractors last year.  That is until now, where it is being reported that this system is failing to catch more than half of all illegal workers.  The technology is not the problem, nor are Social Security Administration’s or Department of Homeland Security’s databases.  The issue lies in its inability to detect identity fraud.  In other words, if the employee fills out their I-9 Form and presents documents that contain valid information (such as a social security, passport or drivers license number), the system simply can’t tell that they belong to someone else.

I suppose this is a better problem to have then the system regularly spitting our tentative non-confirmations for legal workers, but still something that will have to be addressed in some fashion.

Report: E-Verify Misses Half of Illegal Workers

By SUZANNE GAMBOA, Associated Press Writer – Thu Feb 25, 3:09 am ET

WASHINGTON – The system Congress and the Obama administration want employers to use to help curb illegal immigration is failing to catch more than half the number of unauthorized workers it checks, a research company has found.

The online tool E-Verify, now used voluntarily by employers, wrongly clears illegal workers about 54 percent of the time, according to Westat, a research company that evaluated the system for theHomeland Security Department. E-Verify missed so many illegal workers mainly because it can’t detect identity fraud, Westat said.

“Clearly it means it’s not doing its No. 1 job well enough,” said Mark Rosenblum, a researcher at the Migration Policy Institute, a nonpartisan Washington think tank.

E-Verify allows employers to run a worker’s information againstHomeland Security and Social Security databases to check whether the person is permitted to work in the U.S. The Obama administration has made cracking down on employers who hire people here illegally a central part of its immigration enforcement policy, and there are expectations that some Republicans in Congress will try in coming weeks to make E-Verify mandatory.

E-Verify correctly identified legal workers 93 percent of the time, Westat said. However, previous studies have not quantified how many immigrants were fooling the E-Verify system. Much of the criticism of E-Verify has focused on whether U.S. citizens and legal immigrants with permission to work were falsely flagged as illegal workers.

More

Continue Reading

It is indeed a rare day when I will applaud legislation that aims to restrict those who provide employment background checks. We’ve just learned that the California legislature has introducedSenate Bill 909 which would mandate that a background screener “that prepares or processes in any manner an investigative consumer report, or portion thereof, outside of the United States or its territories to make specified disclosures to the potential user of this information, including, but not limited to, the country or countries where the report, or portion thereof, will be prepared or processed. The bill would also prohibit an investigative consumer reporting agency from transmitting a consumer’s social security number, except for the last 4 digits, outside of the United States or its territories.”

I support this bill because as an industry, we have an obligation to protect both our clients and their employees, and or prospective employees.  Identity theft is rampant in our society today and we all strive to ensure that the personal information that is provided to us in order to conduct a background check is held in the strictest of confidence.

There are some in our industry that choose to off-shore this information because let’s face it, it’s cheaper than paying someone to do it stateside.  Of course, once the information leaves the direct control of the screening company, what could happen next is anyone’s guess.

This law would obligate companies that off-shore this information to disclose that fact.  According to the bill, it would also, ”prohibit an investigative consumer reporting agency from transmitting a consumer’s social security number, except for the last 4 digits, outside of the United States or its territories. The bill would require these agencies to adopt and publish a privacy policy relating to information contained in reports that are prepared or processed outside of the United States, as specified. The bill would provide that an investigative consumer reporting agency is liable to a consumer who is harmed by any act or omission that occurs outside the United States or its territories, as specified.

Lastly, it is important to note that this bill exempts these requirements for those conducting background checks on individuals that live outside of the United States.

This bill is a win/win for employers and consumers.  We know that this effort will not be popular with those in our industry engaged in this practice, but it is efforts like these that will ultimately benefit the industry at-large.  We hope that it passes and would like to see similar legislation on a federal level.

Read the California SB909

Continue Reading

We realized recently that we have been negligent in adding to our “Smooth Criminal” series.  One of the great things about being in the background screening business is that we get to see all kinds of crazy things.  The things we see everyday can’t be written about for obvious confidentiality reasons.  However, oftentimes the news does the work for us!  Its not hard these days to open your internet browser and come across one of these….smooth criminals!

Criminals Use Fake ‘Office’ I.D. to Steal Ricky Gervais’ Cash

Just when we think we’ve heard about the dumbest criminal on this planet, another story breaks and leaves our mouths agape. With this latest one, we almost don’t know where to start. Let’s preface it with this: If you’re going to scam a celebrity, you better bring your A-game.

Unfortunately, a group of UK-based, bungling criminals didn’t even bring their D-game. According to The Sun, British actor Ricky Gervais revealed for the first time that a group of unidentified crooks attempted to use a fake passport several years ago to steal about $330,000 from his bank account. But it gets better. Instead of finding a picture of Gervais himself for the passport, they just cut out the picture of his character, David Brent, from the DVD cover of the UK version of ‘The Office’. And why did they need all that cash? To buy gold bullion, of course (we swear this isn’t a plot from Gervais’ next comedy). After Gervais gave his bank permission, it contacted police, who arrested the dumb criminals while they attempted to purchase the gold.

The would-be thieves were sent to jail, and Gervais says he can laugh about the ordeal now. “We were laughing for ten minutes,” he told The Sun. ” …it’s a picture of David Brent sitting at a desk with that little smug look on his face!”

In other news, Steve Carrell was seen at a Best Buy grabbing armfuls of DVDs of the U.S. version of ‘The Office’ and shouting “I’m not Michael Scott!” [From: The Sun]

More

Continue Reading

As many of you know we have done quite a bit over the years with the Society for Human Resource Management (SHRM).  Not only have we exhibited at many of their conferences but we have also had their Chief Operating Officer China Gorman participate in podcasts.  In addition we have been invited to speak at several of their chapter conferences and even the Staffing Management Conference last April.

I was honored when they asked me to participate in a video series they were conducting.  In the interview they asked many great questions including topics relating to Background Screening, Identity Theft, E-Verify and Post Employment Screening.

You must be a member to view the video’s and I encourage you to do so!  This particular clip focuses on Identity Theft and Employment Screening.

Continue Reading

In a development that should surprise absolutely no one, the Federal Trade Commission has announced another delay in their enforcement of the “Red Flag” guidelines aimed to curb identity theft until November 1, 2009.

They have done so, “To assist small businesses and other entities, the Federal Trade Commission staff will redouble its efforts to educate them about compliance with the “Red Flags” Rule and ease compliance by providing additional resources and guidance to clarify whether businesses are covered by the Rule and what they must do to comply. To give creditors and financial institutions more time to review this guidance and develop and implement written Identity Theft Prevention Programs, the FTC will further delay enforcement of the Rule until November 1, 2009.”

Important for Employers Engaged in Employment Screening and Background Checks!
We been in contact with the FTC and learned that this delay does not apply to employers who still need to be in compliance by the original November 1, 2008 deadline. Employers must still have a policy in place to handle “Red Flag” Address Discrepancy Notifications from National Consumer Reporting Agencies (mainly the credit bureaus).

For information for how employers can comply with the “Red Flags” Guidelines, feel free to download our webcast with Seyfarth Shaw’s Pam Devata.

Continue Reading

Screening your employees before they get hired is the norm.  Utilizing new tools to screen your employees after they are employed is gaining momentum.  Services such as IQ Review have been available for a few years.  If you are a loyal reader you know we don’t use our blog for shameless plugs, however, its a nice tie in to the story below!  Let this serve as a lesson to employers to utilize all the employment screening tools available to you.

UGA Employee Kept Working Despite Facing Felony Theft Charge

A University employee, working as a computer specialist with access to student Social Security numbers, continued to work in the Registrar’s Office for almost a year despite facing a felony theft by deception charge that in April resulted in a guilty plea yielding a 10-year prison term.

William Ora Mullen accepted a plea deal on April 28, the same day he submitted his letter of resignation to the University.

But, it was not until May 6, nearly a week after the plea and 10 months after he was originally charged, that the University learned the details behind Mullen’s sudden resignation. Mullen informed the Office of Legal Affairs of his guilty plea, and within hours Registrar Rebecca Macon removed his access to University servers and databases, and had all passwords changed.

“When he notified us [of the conviction], we took him out of the office and we were done with him,” Tom Jackson, vice president of Public Affairs, told The Red & Black. “According to Rebecca Macon he used some vacation hours but was not in the office once he reported the violation.”

At that point, the University was in scramble mode. Mullen was given half sick days on May 6 and 8 and full sick days on May 11 and 12. On May 7, Macon accepted Mullen’s vague resignation letter.

In it, Mullen wrote “this decision is unfortunately not of my own choosing and is necessary considering my current situation.”

More

Continue Reading

We have seen this before and we will see it again.  Worried about identity theft, Texas legislators are attempting to remove dates of birth (DOB’s) from public records.  The National Association of Professional Background Screeners (NAPBS) is aware of the issue and will be in contact with Texas officials.  NAPBS has been successful in several states when these issues have surfaced in the past.  Whereas this bill does not directly remove DOB’s from all public records, its sends the wrong message.  Any type of redaction could open a pandora’s box of legislation. DOB’s are a critical piece of information when conducting a background check.  If the public record does not include the Social Security Number, a DOB is the only way to identify the subject as the one a search is being conducted on.  Using an individuals DOB to commit identity theft without the Social Security Number is virtually impossible, therefore NAPBS has taken a strict position against redaction of this critical information. NAPBS and employeescreenIQ will be releasing more information on how you can contact Texas lawmakers in the coming days.  We will be updating employeescreen University regularly as information becomes available.

Bill Seeks to Pull Birth Dates from Public Records

By JACKIE STONE Associated Press Writer © 2009 The Associated Press

AUSTIN, Texas — Texas lawmakers worried about identity theft are trying to remove state employees’ birth dates from public records — a move journalists and open records advocates say is unnecessary and will hamper government oversight.

A proposal by Rep. Helen Giddings, D-DeSoto, that would make the information private is scheduled for a public hearing Tuesday. A Senate version of the bill had a hearing earlier this month.

Those and at least two other bills filed in the Legislature this session could supersede a pending Texas Supreme Court case between The Dallas Morning News and the state comptroller’s office.

In 2006 the comptroller’s office filed a lawsuit asking that birth dates be ruled as personal information exempt from open records requests. That was after then-Comptroller Carole Keeton Strayhorn refused to include birth dates with employee payroll records requested by the Morning News. Past records have included the dates.

Current Comptroller Susan Combs has backed Strayhorn’s decision as the case moved through the lower courts.

“The main date-of-birth problem we have is identity theft, and identity theft is one of the nation’s fastest growing, most expensive criminal enterprises,” said Allen Spelce, a spokesman for Combs.

More

Continue Reading