Author: Crown Information Managment

1000’s of abandoned confidential client files found in public garbage bin . . .

FORT MYERS, FL – A defunct law firm abandoned tens of thousands of confidential files containing personal information on their clients for years until a landlord threw them in a public garbage bin, a local television station is reporting.

Attorneys for the former firm of Annis, Mitchell, Cockey, Edwards and Roehn, abandoned the files after their firm closed. Ten thousand files of closed cases – ranging from divorces to sexual harassment – ended up in the hands of a reporter for WBBH, the television station reported. The files have since been turned over to a local attorney who was formerly employed by Annis Mitchell. The majority of the files remain in the landlord’s possession.

The firm had offices in Tampa, Fort Myers, Naples and Tallahassee before it was dissolved in 2001. A company that was formed as a remnant of the firm has since declared bankruptcy and an order in the bankruptcy case made each Annis Mitchell attorney responsible for their client’s files. “With identity theft the way it is, everything concerns me,” said former client Howard Wheeler, who hired the firm for a number of cases and whose files ended up in the garbage bin.

“It’s totally irresponsible,” said Herb Donica, the firm’s own bankruptcy attorney. “I can’t imagine why those files aren’t protected.”
The TV station reported in broadcasts Friday that the landlord of the former law offices repeatedly contacted the firm’s partners over the past two years asking them to pick up their files. The attorneys only took active files with them, George Vukobratovich told the station. Vukobratovich threw the files out when he finally had to make room for new tenants. The TV station said it was given files marked “confidential” The station said it told former Annis Mitchell attorneys it had the files more than a month ago, but still none of the attorneys tried to get them.

Elizabeth Tarbert, an ethics lawyer for the Florida Bar Association, said attorneys have to protect client files, even if the case is no longer active. The Florida Bar advises attorneys seeking to dispose of closed files to first contact their clients and ask them what they want done with the documents. If the files are to be disposed of, it needs to be done in a way which protects confidential information, such as shredding.

Associated Press

Businesses become victims of financial and non-financial identity theft . . .

In hard economic times, the likelihood of businesses becoming victims of financial and non-financial types of identity theft rises.  One of the most well-known business and corporate identity theft schemes is standard electronic data breaks, or hacking, to retrieve a customer’s personal identification and information.  But new trends include the theft and exposure of sensitive information by an employee of the company, and the abuse of a business’s line of credit by employees in order to purchase merchandise that is then resold.

To avoid such theft and fraud, businesses should identify privacy officers or assemble a team to enforce the rules regarding sensitive customer and employee information.  Businesses should also ensure all electronically stored information is safe.  Educate employees on identity theft and fraud, and the risks they can expose the company to just by visiting web sites, replying to e-mails from unknown senders, and shopping online at work!

An easy way for identity thieves to make a living . . .

Kessler International, a New York computer forensics firm conducted a six month study on the availability of information left on computers being resold. The company bought a total of 100 disk drives of various sizes from eBay and what they found was alarming – over 40 of the hard drives had retrievable information on them!
The breakdown of information is as follows:
Personal and Confidential documents, including financial information 36%
Emails 21%
Photos 13%
Corporate Documents 11%
Web Browsing History 11%
DNS Server Information 4%
Miscellaneous Data 4%

Many companies have recycled their old computers and hardware, without thinking about the repercussions of identity theft. They have no system in place that documents the destruction of the information. During tough economic times this becomes an even greater risk both to the company and the contacts of the user of each individual computer. Buying a used computer has now becomes one of the easy ways for identity thieves to make a living.

Total estimated risk of ID theft in US at approximately $1.5 billion . . .

Panda Security, a world leader in IT security, announced the findings from a comprehensive identity theft study conducted by PandaLabs, the company’s malware analysis and detection laboratory.

PandaLabs found that over three million of the audited users in the U.S. and more than 10 million users worldwide were infected with active identity theft-based malware last year.

According to one recent study published by an independent research firm, the mean cost per ID Theft incident in the U.S. is $496.00, putting the total estimated risk of ID theft from malware in this country alone at approximately $1.5 billion.

FL 3rd in the US in per capita rate of identity theft complaints . . .

Florida ranks third in the U.S. among the states in per capita rate of identity theft complaints and ninth in total overall complaints.  This comes as no surprise as Florida has a high population of senior citizens who are often targets of fraud.

However, it was notable that e-mail is now by far the preferred method of initial contact for those who are attempting to defraud someone.  The fraud complaints revealed that the victims were initially contacted by email 52% of the time and by phone only 7% of the time.

Twelve Truths that may help you protect yourself or someone you know . . .

Layoffs and cutbacks are directly affecting many of us today.  Most of us know someone, if not ourselves, who are looking for employment.  Help protect yourself or a friend from identity theft when applying for a new position!  Below is a list of Twelve Truths that may help you protect yourself or someone you know from Identity Theft while shopping for a job:

Truth #1: If you’re going to post a resume online, post your resume “privately.”
Truth #2: Not everyone who has access to a resume database should.
Truth #3: Not every job offer you see is for a real job — some jobs are just scams.
Truth #4: The more general the email “job” offer, the less valid it usually is.
Truth #5: Even the most careful, conscientious sites cannot control your resume after someone
has downloaded it.
Truth #6: Unless you are applying to the Federal or State government, never put a Social Security
Number on your resume.
Truth #7: Using a disposable e-mail address and a PO Box can save you from many headaches.
Truth #8: Things to omit from your resumes if you post it online –
Your references, for sure. Your school name, possibly.
Truth #9: Some resume databases are better than others.
Truth #10: Delete does not always mean delete.
Truth #11: Keeping good records is crucial for online job searching – don’t forget any of the websites
where you post your resume.
Truth #12: Prevention is better than the cure!

An identity theft ring used counterfeit checks to steal at least . . .

An identity theft ring that included bank employees, bank supervisors and a postal worker used counterfeit checks to steal at least $100,000 across South Florida in recent months.  Of 46 people suspected of being in the ring, 24 so far have been arrested.

The suspects stole people’s personal information, such as payroll and rebate checks, during home and car burglaries. That information was used to create fake checks that were cashed at Wal-Mart, Publix supermarkets, check-cashing stores, banks and other locations in Broward and Miami-Dade counties.

Your company’s failure to comply with requirements can result in . . .

It certainly seems logical that if your company is not involved in the provision or management of health-care services, then the requirement of the Health Insurance Portability and Accountability Act or HIPAA, which, among other things, mandates certain treatment of medical information about individuals, does not apply to your company.

However, because one of the purposes of HIPAA is the protection of certain health information, depending on the specific circumstances surrounding your company’s group health plan, your company may be required to comply with certain HIPAA provisions.  If applicable, your company’s failure to comply with HIPAA’s requirements can result in significant expense and administrative burdens for your company.

The determination of whether an employer is required to comply with HIPAA regulations and, if so, the employer’s compliance requirements can be made only after an evaluation of the specific facts of the employer’s involvement with the group plan.  Failure to comply as required can result in an employer and its employees being subject to significant monetary penalties, additional administrative costs, and even imprisonment.  Accordingly, if your company sponsors a group health plan, you should consult with a legal advisor who has expertise in the area of HIPAA compliance to determine the extent, if any, to which your company is required to comply with HIPAA and, if so, the steps necessary for compliance.

Improperly disposed of documents from the County and State levels . . .

Branches of county and state government in Pinellas County Florida have improperly disposed of documents that contain citizens’ sensitive personal information.  The report states that Hundreds of documents were involved, and the inappropriate disposals may violate state and federal law.  “Citizens are forced to provide confidential information to the government,” said Bob Melton, the clerk’s audit director.  “So the government has a huge responsibility to ensure that information is protected and in these cases, it was not.”