EmployeeScreenIQ Blog

It is indeed a rare day when I will applaud legislation that aims to restrict those who provide employment background checks. We’ve just learned that the California legislature has introducedSenate Bill 909 which would mandate that a background screener “that prepares or processes in any manner an investigative consumer report, or portion thereof, outside of the United States or its territories to make specified disclosures to the potential user of this information, including, but not limited to, the country or countries where the report, or portion thereof, will be prepared or processed. The bill would also prohibit an investigative consumer reporting agency from transmitting a consumer’s social security number, except for the last 4 digits, outside of the United States or its territories.”

I support this bill because as an industry, we have an obligation to protect both our clients and their employees, and or prospective employees.  Identity theft is rampant in our society today and we all strive to ensure that the personal information that is provided to us in order to conduct a background check is held in the strictest of confidence.

There are some in our industry that choose to off-shore this information because let’s face it, it’s cheaper than paying someone to do it stateside.  Of course, once the information leaves the direct control of the screening company, what could happen next is anyone’s guess.

This law would obligate companies that off-shore this information to disclose that fact.  According to the bill, it would also, ”prohibit an investigative consumer reporting agency from transmitting a consumer’s social security number, except for the last 4 digits, outside of the United States or its territories. The bill would require these agencies to adopt and publish a privacy policy relating to information contained in reports that are prepared or processed outside of the United States, as specified. The bill would provide that an investigative consumer reporting agency is liable to a consumer who is harmed by any act or omission that occurs outside the United States or its territories, as specified.

Lastly, it is important to note that this bill exempts these requirements for those conducting background checks on individuals that live outside of the United States.

This bill is a win/win for employers and consumers.  We know that this effort will not be popular with those in our industry engaged in this practice, but it is efforts like these that will ultimately benefit the industry at-large.  We hope that it passes and would like to see similar legislation on a federal level.

Read the California SB909

Continue Reading

We realized recently that we have been negligent in adding to our “Smooth Criminal” series.  One of the great things about being in the background screening business is that we get to see all kinds of crazy things.  The things we see everyday can’t be written about for obvious confidentiality reasons.  However, oftentimes the news does the work for us!  Its not hard these days to open your internet browser and come across one of these….smooth criminals!

Criminals Use Fake ‘Office’ I.D. to Steal Ricky Gervais’ Cash

Just when we think we’ve heard about the dumbest criminal on this planet, another story breaks and leaves our mouths agape. With this latest one, we almost don’t know where to start. Let’s preface it with this: If you’re going to scam a celebrity, you better bring your A-game.

Unfortunately, a group of UK-based, bungling criminals didn’t even bring their D-game. According to The Sun, British actor Ricky Gervais revealed for the first time that a group of unidentified crooks attempted to use a fake passport several years ago to steal about $330,000 from his bank account. But it gets better. Instead of finding a picture of Gervais himself for the passport, they just cut out the picture of his character, David Brent, from the DVD cover of the UK version of ‘The Office’. And why did they need all that cash? To buy gold bullion, of course (we swear this isn’t a plot from Gervais’ next comedy). After Gervais gave his bank permission, it contacted police, who arrested the dumb criminals while they attempted to purchase the gold.

The would-be thieves were sent to jail, and Gervais says he can laugh about the ordeal now. “We were laughing for ten minutes,” he told The Sun. ” …it’s a picture of David Brent sitting at a desk with that little smug look on his face!”

In other news, Steve Carrell was seen at a Best Buy grabbing armfuls of DVDs of the U.S. version of ‘The Office’ and shouting “I’m not Michael Scott!” [From: The Sun]

More

Continue Reading

As many of you know we have done quite a bit over the years with the Society for Human Resource Management (SHRM).  Not only have we exhibited at many of their conferences but we have also had their Chief Operating Officer China Gorman participate in podcasts.  In addition we have been invited to speak at several of their chapter conferences and even the Staffing Management Conference last April.

I was honored when they asked me to participate in a video series they were conducting.  In the interview they asked many great questions including topics relating to Background Screening, Identity Theft, E-Verify and Post Employment Screening.

You must be a member to view the video’s and I encourage you to do so!  This particular clip focuses on Identity Theft and Employment Screening.

Continue Reading

In a development that should surprise absolutely no one, the Federal Trade Commission has announced another delay in their enforcement of the “Red Flag” guidelines aimed to curb identity theft until November 1, 2009.

They have done so, “To assist small businesses and other entities, the Federal Trade Commission staff will redouble its efforts to educate them about compliance with the “Red Flags” Rule and ease compliance by providing additional resources and guidance to clarify whether businesses are covered by the Rule and what they must do to comply. To give creditors and financial institutions more time to review this guidance and develop and implement written Identity Theft Prevention Programs, the FTC will further delay enforcement of the Rule until November 1, 2009.”

Important for Employers Engaged in Employment Screening and Background Checks!
We been in contact with the FTC and learned that this delay does not apply to employers who still need to be in compliance by the original November 1, 2008 deadline. Employers must still have a policy in place to handle “Red Flag” Address Discrepancy Notifications from National Consumer Reporting Agencies (mainly the credit bureaus).

For information for how employers can comply with the “Red Flags” Guidelines, feel free to download our webcast with Seyfarth Shaw’s Pam Devata.

Continue Reading

Screening your employees before they get hired is the norm.  Utilizing new tools to screen your employees after they are employed is gaining momentum.  Services such as IQ Review have been available for a few years.  If you are a loyal reader you know we don’t use our blog for shameless plugs, however, its a nice tie in to the story below!  Let this serve as a lesson to employers to utilize all the employment screening tools available to you.

UGA Employee Kept Working Despite Facing Felony Theft Charge

A University employee, working as a computer specialist with access to student Social Security numbers, continued to work in the Registrar’s Office for almost a year despite facing a felony theft by deception charge that in April resulted in a guilty plea yielding a 10-year prison term.

William Ora Mullen accepted a plea deal on April 28, the same day he submitted his letter of resignation to the University.

But, it was not until May 6, nearly a week after the plea and 10 months after he was originally charged, that the University learned the details behind Mullen’s sudden resignation. Mullen informed the Office of Legal Affairs of his guilty plea, and within hours Registrar Rebecca Macon removed his access to University servers and databases, and had all passwords changed.

“When he notified us [of the conviction], we took him out of the office and we were done with him,” Tom Jackson, vice president of Public Affairs, told The Red & Black. “According to Rebecca Macon he used some vacation hours but was not in the office once he reported the violation.”

At that point, the University was in scramble mode. Mullen was given half sick days on May 6 and 8 and full sick days on May 11 and 12. On May 7, Macon accepted Mullen’s vague resignation letter.

In it, Mullen wrote “this decision is unfortunately not of my own choosing and is necessary considering my current situation.”

More

Continue Reading

We have seen this before and we will see it again.  Worried about identity theft, Texas legislators are attempting to remove dates of birth (DOB’s) from public records.  The National Association of Professional Background Screeners (NAPBS) is aware of the issue and will be in contact with Texas officials.  NAPBS has been successful in several states when these issues have surfaced in the past.  Whereas this bill does not directly remove DOB’s from all public records, its sends the wrong message.  Any type of redaction could open a pandora’s box of legislation. DOB’s are a critical piece of information when conducting a background check.  If the public record does not include the Social Security Number, a DOB is the only way to identify the subject as the one a search is being conducted on.  Using an individuals DOB to commit identity theft without the Social Security Number is virtually impossible, therefore NAPBS has taken a strict position against redaction of this critical information. NAPBS and employeescreenIQ will be releasing more information on how you can contact Texas lawmakers in the coming days.  We will be updating employeescreen University regularly as information becomes available.

Bill Seeks to Pull Birth Dates from Public Records

By JACKIE STONE Associated Press Writer © 2009 The Associated Press

AUSTIN, Texas — Texas lawmakers worried about identity theft are trying to remove state employees’ birth dates from public records — a move journalists and open records advocates say is unnecessary and will hamper government oversight.

A proposal by Rep. Helen Giddings, D-DeSoto, that would make the information private is scheduled for a public hearing Tuesday. A Senate version of the bill had a hearing earlier this month.

Those and at least two other bills filed in the Legislature this session could supersede a pending Texas Supreme Court case between The Dallas Morning News and the state comptroller’s office.

In 2006 the comptroller’s office filed a lawsuit asking that birth dates be ruled as personal information exempt from open records requests. That was after then-Comptroller Carole Keeton Strayhorn refused to include birth dates with employee payroll records requested by the Morning News. Past records have included the dates.

Current Comptroller Susan Combs has backed Strayhorn’s decision as the case moved through the lower courts.

“The main date-of-birth problem we have is identity theft, and identity theft is one of the nation’s fastest growing, most expensive criminal enterprises,” said Allen Spelce, a spokesman for Combs.

More

Continue Reading

I had the honor of representing the National Association of Professional Background Screeners (NAPBS) along with 20 other colleagues from the screening industry on their annual Washington DC lobbying event.  We had a busy schedule of meetings over a two day time period highlighted by sessions with the EEOC, FTC and officers of our nation’s senators and congressmen.

We met with staffers from the following legislators: Senator Chuck Grassley (Republican-Iowa), Senator Kay Bailey Hutchison (Republican-Texas), Senator Mark Warren (Democrat- Virginia), Congressman Sam Johnson (Republican-Texas), Congressman Rodney Frelinghuysen (Republican- New Jersey), Senator Charles Schumer (Democrat- New York), Sentor Orrin Hatch (Republican- Utah), Senator Kay Hagan, Democrat, North Carolina, Senator Arlen Specter (Republican- Pennsylvania), Congressman Lamar Smith (Republican- Texas), Senator Byron Dorgan (Democrat- North Dakota), Senator Patrick Leahy (Democrat- Vermont), Congressman James Moran (Democrat- Virginia), Senator John Kerry (Democrat- Massachusetts), Senator Dianne Feinstein (Democrat- California), Senator Benjamin Cardin (Democrat- Maryland), Senator John Ensign (Republican- Nevada) and Senator Johnny Isakson (Republican- Georgia).  Our meetings primarily focused on three core issues which are being addressed in upcoming legislation:

Senate  Bill 163 (Child Protection Improvements Act of 2009)- Calls for the development of a mandatory background screening process for child care givers (day care, teachers, camps, etc.).  As an industry, we fully support this legislation.  However, we have concerns about the type of background check that the bill calls for, particularly its reliance on the FBI Criminal Database and state criminal record repositories.  It is a commonly held misconception that these two resources are the most accurate and reliable resources for conducting background checks.  In reality, there are far more effective methods for determining whether someone has been convicted of criminal activity.  The most thorough, accurate and reliable method being a county criminal record search in all counties where the subject has resided under all names used complemented by a National Criminal Record Search which includes a multi-jurisdictional Sex Offender Registry Search.

Senate Bill 141 and House Resolution 122 (Protecting the Privacy of Social Security Numbers Act of 2009)- This bill is aimed at curbing identity theft and calls for a limitation on how Social Security Numbers can be used in commercial situations.  Such measures include restricting access to public records which contain this information.  There is a provision to protect the continued permissible use of personal identifiers for legitimate purposes such as background screening and our efforts focused around reinforcing the need for this language and educating staffers on the importance for these identifiers.

Extension of E-Verify Program- This internet-based system is operated by the Department of Homeland Security and the Social Security Administration and allows employers to electronically verify the employment eligibility of their employees.  House Resolution 1105 reauthorized the program through 9/30/09 and we support further extension of this important government program.

Meeting with the EEOC

This was a truly enlightening experience.  We met with Carol R. Miaskoff who is an Assistant Legal Counsel for the agency.  Carol shared with us the role of the EEOC and its stance on background checks.  She was very clear that the EEOC did not have a problem with background checks as anexercise proper due diligence.  Where they do take exception is with bright line policies such as “do not hire anyone with a criminal record”.  They believe that such policies would have a disparate impact on minorities.  We spent a great deal of time discussing El v. Septa as it will continue to be an important force in future guidelines on background screening.  At the end of the day, the EEOC wants employers to demonstrate job relatedness, the nature of the offense, whether the candidate was a repeat offender and how long ago the crime was committed.

Meeting with the FTC

I was not there for this meeting but I understand that much of the meeting focused on the privacy issues previously mentioned on SB 141 and HR 122.

I was a truly an enlightening experience which provided much insight into our legislative process.  I am confident that the work we accomplished in just two days will have a positive impact on our industry and on employers that rely on the use of employment background checks.

Continue Reading

The last thing any job seeker wants or needs at a time like this is someone taking advantage of their situation for personal gain.  According to the Bureau of Labor Statistics, there are currently 11.1 million U.S. citizens unemployed.  This has created a virtual breeding ground for identity thieves and other criminals looking to take advantage of the job seekers’ desperation over finding employment.  Those surfing the web looking for jobs and/or job leads need to be very careful when it comes to sending any organization or individual personal information about themselves.

We have written extensively about the topic of identity theft and have provided sound advice to both employers and job seekers on ways to protect their sensitive information.  employeescreenIQ’s Rob Thomson just wrote an article on this topic called “Don’t Let Someone Take Credit For (From) You!” which has been published in our most recent edition of The Verifier.  We’ve also maintained an ongoing blog thread about identity theft as it relates to both consumers and employers.  There is no limit on the amount of information available for consumers looking to protect their personal information or for those whose identities and/or bank accounts have already been compromised.  Thieves are counting on the  uninformed in order for their ploy to succeed.  Don’t give them the upper hand!

Local Contractor Gets Scammed While Looking For Work

By Neda Iranpour, Channel 2 News – January 12, 2008

As the economy spirals downward so does Dennis Hunter’s hope to line up new work. Not many people are looking to have security systems installed these days. “(I am an) installer of Direct TV and installer of home security systems, it fell apart I’ve been out of work now for a month and a half.”

So Dennis checks web sites like www.craigslist.com daily. He came across an ad for experienced handymen or contractors. It sent him to www.mycontractorsource.com.”I didn’t see anything that seemed illegitimate.”

He was told to submit information for a background check, ”they’ve got my driver’s license, my social security number and my address. They’ve got access to my entire world.”

He gave up his personal info, in exchange for leads for work within 48 hours.”It’s right on the website, within 48 hours they’re going to give you work, but I never saw a thing.”

Turns out Dennis was not alone. He got several e-mails from other contractors who never got any leads for jobs either. Some people wrote “this is a scam,” while another email warned contractors “to check your bank accounts.”

$100 was taken out of Dennis’ account, twice without his permission. “When you give into the wrong individual, now what? You try to do legit work and you get bit in the rear.”

Dennis closed out his debit card and his bank says their fraud investigation team will look into this.

Our calls to www.mycontractersource.com have not been returned.

Continue Reading

Privacy Rights Clearinghouse is a nonprofit consumer information and advocacy organization that has maintained a list of data breaches affecting consumer information since January of 2005.  From the information they have compiled, they estimate that over 246,000,000 records containing sensitive personal information have been compromised either by hackers, employees, via stolen property or accident.  In 2008 alone, Privacy Rights Clearinghouse has documented 310 security breaches of sensitive data.  A percentage of those breaches have occurred due to employee theft.  Here are some of the highlights from the past year:

UCLA Medical Center has moved to fire 13 employees and suspended six others for unauthorized access to confidential medical records.
UPDATE (8/5/08): The latest report said 127 workers peeked into celebrities’ medical records without permission, leading to several firings, suspensions and warnings. The report also detailed the case of one employee who looked at the records of about 900 patients “without any legitimate reason” and viewed Social Security numbers, health insurance information and addresses, from April 2003 to May 2007. 

Number of records – 900

Marine Corps Reserve Center (San Antonio, TX) – May 2, 2008

A former U.S. military contractor has pleaded guilty to exceeding authorized access to a computer and aggravated identity theft after he was accused of selling names and Social Security numbers of 17,000 military employees. 

Number of records – 17,000

State Street Corp/Investors Financial Services (Boston, MA) – May 29, 2008

Computer equipment containing personal information on customers and employees of a State Street unit was stolen. The computer equipment was stolen from a vendor hired by Investors Financial Services to provide legal support services. The personal information included names, addresses and social security numbers. 

Number of records – 45,500

Countrywide Financial Corp. (Calabasas, CA) – August 2, 2008

The FBI on Friday arrested a former Countrywide Financial Corp. employee and another man in an alleged scheme to steal and sell sensitive personal information, including Social Security numbers. The breach occurred over a two-year period though July. The insider was a senior financial analyst at Full Spectrum Lending, Countrywide’s subprime lending division. The alleged data thief was said to have downloaded about 20,000 customer profiles each week and sold files with that many names for $500, according to the affidavit. He typically would e-mail the data in Excel spreadsheets to his buyers, often using computers at Kinko’s copying and business center stores. Some, perhaps most, and possibly all the names were being sold to people in the mortgage industry to make new pitches. 

Number of records – 2,000,000

Liberty McDonald’s Restaurant (Liberty, KY) – August 22, 2008

An employee at a Liberty McDonald’s restaurant, took credit or debit cards from drive-through customers and used a device she had hidden near the window to swipe the cards to record their numbers. The information on the device then was downloaded and used to make new cards either in the names of the persons to which the original cards belonged or in the names of the perpetrators. 

Number of records – Unknown

Ohio Police & Fire Pension System (Columbus, OH) – August 30, 2008

A former mailroom supervisor at the Ohio Police & Fire Pension System forwarded the names, addresses and Social Security numbers from his work e-mail address to his personal e-mail address before quitting his job. The file contains information for 13,000 of the approximately 24,000 retired members of the Ohio Police & Fire Pension System, most of whom are former police officers. 

Number of records – 13,000

Shell Oil Co. (Houston, TX) – October 27, 2008

An IT contractor used the personal data of four Shell workers as part of an unemployment insurance claims scam. Employees of a third-party contractor misused information stored in a corporate database. The database includes records for a majority of current and former Shell employees. Misused data included names, dates of birth and Social Security numbers. 

Number of records – Unknown 

The importance of performing background checks on your employees and contractors cannot be overstated.  The results you find may discourage you from hiring someone that, down the line, could be one of those that breach the security of your sensitive information.

For a complete listing of data breaches maintained by Privacy Rights Clearinghouse since January of 2005, click here.

Continue Reading

We have written about identity theft in previous blogs, focusing primarily on red flag regulations.  Identity Theft lends itself to background screening due to the many identifiers used for the process.  End users of consumer reports need to be conscious of what they do with background check information when they are done using it.  Developing a document destruction program for your company is the best place to start.  In the following article found on yahoo.com, the author describes how valuable your identity is on the open black market.

The value of your stolen identity: About $120

Consumers who’ve had to invest months of time and gallons of antacid on resolving an identity theft problem may find cold comfort in the revelation that identities like theirs are painfully cheap when they’re traded online. The going rate for a “complete” identity (including name, address, passport, credit card info, driver’s license number, and even banking passwords): About 120 bucks.

In stark contrast to that pittance: The average identity theft-based fraud actually reaps over $21,000 for the perpetrator.

Why so cheap? Primarily it’s because there are so many stolen identities available, so crooks who are willing to take the risk on using someone else’s identity to drain bank accounts and run up bills have a vast number of IDs to choose from. In a perverse way that’s good news: Even if your account and identity information is compromised, there’s a good chance that you won’t actually be the victim of a financial crime because the ID may never be used.

More

Continue Reading