Rent to Own Online
"All Rent to Own...All the Time"

Home

| About RTO Online | RTO Tradeshow | Press
#1 Online Destination For the Rent to Own Industry
Trade portal for companies who rent to own furniture, electronics, appliances, custom wheels, jewelry and other home goods.
Rent to Own Online
Rent to Own Tradeshow
Who's Who in rent to own  
The Rent to Own industry's event photo album  
Video podcast interviews with Rent-to-Own industry professionals  
Audio podcast interviews with Rent-to-Own industry professionals  
Rent-to-Own Industry Federal Legislative Guide  
Rent to Own Industry Jobs and Resumes  
Search Rent to Own Online  
Subscribe to
RTO Magazine

E-mail Address :

Manage Subscriptions
 
RTO Magazine
 
United States Rent to Own Store Locator  
State Rent to Own Law  
Rent to Own Websites  
Rent to Own Industry Poll  
Editorials By Rent to Own Professionals  
Rent to Own Stocks  
Rent to Own Links  
Rent to Own Industry Events  
Rent to Own Online Archive  
Rent to Own Industry Training  
Advertise on the number one website for rent to own professionals  
Rent to Own Industry Blog  
Rent to Own Chat  
Rent to Own Industry Forum  
Rent to Own Industry Glossary  
National News  
Contact Rent to Own Online  
 

Site Statistics

 

Poll

 

Rent to Own Industry Must Take Steps to Prevent Identity Theft
11-25-03
RTO Online
Email this page to a friend

Rate: 

Your email address Worthless Helpful I have tears of joy Better than War and Peace

Add your Comments

Factoids

The National Conference of State Legislatures maintains a list of current and pending Identity Theft legislation by state

 

According to a recently release Federal Trade Commission survey, 27.3 Million US citizens have been victims of identity theft in the past 5 years, including 9.9 million people in the last year alone. These cases account for billions in losses for both businesses and consumers.

Rent to Own companies that require personal and confidential information on rental applications have a responsibility to protect that information from misuse. A Des Moines Iowa woman was searching for cans in the dumpster of a local rent to own store. She found "thousands of files" containing social security numbers, names, addresses, and copies of picture IDs that had simply been thrown away. The incident reinforces the need to safeguard information even after a customer pays out or returns merchandise.

advertise here

In many cases, a social security number, name and address is all that is necessary for an identity thief to acquire credit cards and other accounts. A victim of identity theft can suffer for years before the problem is corrected.

The problem is so severe that states like Rhode Island have gone so far as to bar some businesses from requesting social security numbers.

Rhode Island
R.I. Gen. Laws Section 6-13-17 http://www.rilin.state.ri.us/Statutes/TITLE6/6-13/6-13-17.HTM This law states that unless required by federal law, no person shall require that a consumer of goods or services disclose a social security number incident to the sale of consumer goods or services; provided, however that: insurance companies, health care, or pharmaceutical companies may require the consumer to furnish a social security number. Also, a consumer may be required to furnish his or her SSN when applying for a credit card.

Take a Poll

The California Department of Consumer Affairs, Office of Privacy Protection publishes helpful tips for business titled "Recommended Practices for Protecting Social Security Numbers."

California Department of Consumer Affairs Recommended Practices for Protecting Social Security Numbers
Printer Freindly
The Office of Privacy Protection’s recommendations are intended to serve as guidelines to assist organizations in moving towards the goal of aligning their practices with the widely accepted fair information practice principles described below. These recommended practices address, but are not limited to, the provisions of California Civil Code section 1798.85.

The recommendations are relevant for private and public sector organizations, and they apply to the handling of all SSNs in the possession of an organization: those of customers, employees and business partners.

  1. Reduce the collection of SSNs
    Collect SSNs preferably only where required to do so by federal or state law.  When collecting SSNs as allowed, but not required, by law, do so only as reasonably necessary for the proper administration of lawful business activities.  If a unique personal identifier is needed, develop your own as a substitute for the SSN.
     

  2. Inform individuals when you request their SSNs
    Whenever you collect SSNs as required or allowed by law, inform the individuals of the purpose of the collection, the intended use, whether the law requires the number to be provided or not, and the consequences of not providing the number.  If required by law, notify individuals (customers, employees, business partners, etc) annually of their right to request that you do not post or publicly display their SSN or do any of the other things prohibited in Civil Code Section 1798.85(a).
     

  3. Eliminate the public display of SSNs
    Do not put SSNs on documents that are widely seen by others, such as identification cards, badges, time cards, employee rosters, bulletin board postings, and other materials.  Do not send documents with SSNs on them through the mail, except on applications or forms or when required by law.13  When sending applications, forms or other documents required by law to carry SSNs through the mail, place the SSN where it will not be revealed by an envelope window. Where possible, leave the SSN field on forms and applications blank and ask the individual to fill it in before returning the form or application.  Do not send SSNs by email unless the connection is secure or the SSN is encrypted.  Do not require an individual to send his or her SSN over the Internet or by email, unless the connection is secure or the SSN is encrypted.  Do not require individuals to use SSNs as passwords or codes for access to Internet web sites or other services.
     

  4. Control access to SSNs
    Limit access to records containing SSNs only to those who need to see the numbers for the performance of their duties.  Use logs or electronic audit trails to monitor employees’ access to records with SSNs.  Protect records containing SSNs, including back-ups, during storage by encrypting the numbers in electronic records or storing records in other media in locked cabinets.  Do not store records containing SSNs on computers or other electronic devices that are not secured against unauthorized access.  Avoid sharing SSNs with other companies or organizations except where required by law.  If you do share SSNs with other companies or organizations, including contractors, use written agreements to protect their confidentiality.  Prohibit such third parties from re-disclosing SSNs, except as required by law.  Require such third parties to use effective security controls on record systems containing SSNs.  Hold such third parties accountable for compliance with the restrictions you impose, including monitoring or auditing their practices.  If SSNs are disclosed inappropriately and the individuals whose SSNs were disclosed are put at risk of identity theft or other harm, promptly notify the individuals potentially affected.
     

  5. Protect SSNs with security safeguards
    Develop a written security plan for record systems that contain SSNs.  Develop written policies for protecting the confidentiality of SSNs, including but not limited to the following:  Adopt “clean desk/work area” policy requiring employees to properly secure records containing SSNs.  Do not leave voice mail messages containing SSNs and if you must send an SSN by fax, take special measures to ensure confidentiality.  Require employees to ask individuals (employees, customers, etc.) for identifiers other than the SSN when looking up records for the individual.  Require employees to promptly report any inappropriate disclosure or loss of records containing SSNs to their supervisors or to the organization’s privacy officer.  When discarding or destroying records in any medium containing SSNs, do so in a way that protects their confidentiality, such as shredding.
     

  6. Make your organization accountable for protecting SSNs
    Provide training and written material for employees on their responsibilities in handling SSNs. Conduct training at least annually.  Train all new employees, temporary employees and contract employees.  Impose discipline on employees for non-compliance with organizational policies and practices for protecting SSNs.  Conduct risk assessments and regular audits of record systems containing SSNs.  Designate someone in the organization as responsible for ensuring compliance with policies and procedures for protecting SSNs.

When dealing with sensitive information use the Golden Rule; "Safeguard your customers information as you would your own." When in doubt...shred it.

The FTC maintains the nation’s primary identity theft Web site, which provides critical resources for consumers, businesses, and law enforcers at www.consumer.gov/idtheft.

Links to State laws regarding Identity Theft
Alabama Alabama Code § 13A-8-190 through 201
(search Alabama Code for "Identity Theft")
Alaska Alaska Stat § 11.46.565
(Click Title 11, Chapter 46, Section 565)
Arizona Ariz. Rev. Stat. § 13-2008
Arkansas Ark. Code Ann. § 5-37-227
California Cal. Penal Code § 530.5-8
Colorado Does not have specific ID Theft law.
Connecticut Conn. Stat. § 53a-129a (criminal)
Conn. Stat. § 52-571h (civil)
Delaware Del. Code Ann. tit. II, § 854
District of Columbia Does not have specific ID Theft law.
Florida Fla. Stat. Ann. § 817.568
Georgia Ga. Code Ann. § 16-9-120, through 128
Hawaii HI Rev. Stat. § 708-839.6-8
(See statutes and documents)
Idaho Idaho Code § 18-3126 (criminal)
Illinois 720 Ill. Comp. Stat. 5/16 G
Indiana Ind. Code § 35-43-5-3.5
Iowa Iowa Code § 715A.8 (criminal)
Iowa Code § 714.16.B (civil)
Kansas Kan. Stat. Ann. § 21-4018
Kentucky Ky. Rev. Stat. Ann. §  514.160
Louisiana La. Rev. Stat. Ann. § 14:67.16
Maine ME Rev. Stat. Ann. tit. 17-A § 905-A
Maryland Md. Code Ann. art. 27 § 231
Massachusetts Mass. Gen. Laws ch. 266, § 37E
Michigan Mich. Comp. Laws § 750.285
(See Michigan compiled laws section)
Minnesota Minn. Stat. Ann. §  609.527
Mississippi Miss. Code Ann. § 97-19-85
Missouri Mo. Rev. Stat. § 570.223
Montana Mon. Code Ann. § 45-6-332
Nebraska NE Rev. Stat. § 28-608 & 620
Nevada Nev. Rev. State. § 205.463-465
New Hampshire N.H. Rev. Stat. Ann. § 638:26
New Jersey N.J. Stat. Ann. § 2C:21-17
New Mexico N.M. Stat. Ann. § 30-16-24.1
(Go to statutes section, Chapter 30)
New York NY CLS Penal § 190.77-190.84
North Carolina N.C. Gen. Stat. § 14-113.20-23
North Dakota N.D.C.C. § 12.1-23-11
(See consumer protection)
Ohio Ohio Rev. Code Ann. § 2913.49
Oklahoma Okla. Stat. tit. 21, § 1533.1
Oregon Or. Rev. Stat. § 165.800
Pennsylvania 18 Pa. Cons. State § 4120
Rhode Island R.I. Gen. Laws § 11-49.1-1
South Carolina S.C. Code Ann. § 16-13-500, 501
South Dakota S.D. Codified Laws § 22-30A-3.1.
Tennessee TCA § 39-14-150 (criminal)
TCA
§ 47-18-2101 (civil)
Texas

Tex. Penal Code § 32.51

Utah

Utah Code Ann. § 76-6-1101-1104

Vermont

Does not have specific ID Theft law.

Virginia

Va. Code Ann. § 18.2-186.3

Washington Wash. Rev. Code § 9.35.020
(click on title 9, then chapter 35)
West Virginia W. Va. Code § 61-3-54
(scroll down to § 61-3-54)
Wisconsin Wis. Stat. § 943.201
Wyoming Wyo. Stat. Ann. § 6-3-901

 

 

RTO Online is the official channel for Rent-to-Own Industry News and the only independent source of news for the rent-to-own, rental-purchase, lease-purchase trade. RTO Online (Rent to Own Online) represents the choice of the entire RTO Industry for trusted information, as it happens.

Tell us what you think
Rate the article at the top of this page