News & Resources

Health exchanges, mobile devices and ID theft converging

Oct 09, 2013 Dave King

New technology has presented organizations in the public and private sectors with a variety of opportunities to capitalize, especially cloud computing and mobile devices. However, with great power comes great responsibility, as Uncle Ben would say, and these very same technologies demand the implementation of more stringent and comprehensive ID verification protocols.

Data breach and identity theft have run rampant among the consumer population and organizations in virtually every sector throughout the past several years. One of the main causes for this spike is likely the incorporation of novel, uncharted technology and procedures that has become commonplace among businesses of all kinds, and the lack of thorough IT security knowledge.

Companies can substantially reduce their risk of data loss and theft when approaching these new tools through adequate deployment of ID verification practices, including training for all employees who might handle personal or corporate information. Between the new health exchanges and the continuous spread of bring your own device (BYOD), leaders would do well to implement ID verification strategies soon.

Worries in Illinois
My Journal Courier recently reported that officials in the Illinois Department of Insurance are beginning to release statements to businesses and consumers regarding the threats of the new health insurance exchanges that have surfaced following the deployment of Obamacare. Experts had long asserted that these platforms would be a hotbed for identity theft should the government not incorporate the frameworks necessary to protect user information.

Now, the exchanges are up and running, though the security procedures and capabilities in place are believed to be less than desirable. According to the news provider, officials in Illinois are not necessarily as concerned about the platforms themselves as they are about the people who are tasked with helping users navigate through the systems and select coverage plans.

In some instances, human resources professionals or other managers will likely need to assist employees through the process, and these individuals should first be taught ID verification best practices. The source noted that many thieves have already begun to pose as navigators, and consumers are already falling for the tactic and disclosing personal information over the unsolicited calls.

My Journal Courier added that 13 attorneys general signed a letter two months ago that issued concerns related to the navigator program for Obamacare health insurance exchanges. Still, nothing has been done to protect privacy on behalf of the government thus far, and with the shutdown remaining in effect, employers should not be expecting help any time soon.

BYOD and ID verification
The Athens Banner-Herald recently asserted that mobile devices generally increase the risk of identity theft for businesses, consumers and organizations of all kinds, especially since most smartphones and tablets are not properly secured. What's more, experts believe that user behavior is also increasing the risk of identity theft.

"Mobile phone users tend to be less careful and less aware of security problems they can encounter," Laura Heilman, a teacher for the University of Georgia's Information Technology Services Office, told the news provider. "This is especially true where phishing attacks are concerned, because mobile users are usually the first to come under attack."

Employee error and a general lack of awareness among consumers continue to be two of the more prolific causes of data loss and subsequent identity theft. Regardless of which new technologies or strategies a company might be implementing, ID verification training and enforcement should always be a focal point in the beginning and throughout the duration of the programs.

Businesses should ensure that all staff members know to be cautious when using mobile devices or providing personal or corporate information over the Internet.