Critics of privacy practices argue that your personal information is so commonly disseminated, to so many various persons and entities, that any effort to mitigate the spread of your information is wasted effort. But as ITRC CEO Eva Velasquez is often quoted saying, “Just because a rock will easily go through my window doesn’t mean I leave home with the front door unlocked.”
One of the ways that can be shown to statistically reduce your likelihood of becoming a victim of identity theft or financial fraud is to limit the number of times you allow your personally identifying information (PII) to be shared over any given period of time. The first step then, is understanding when there is a legitimate need for a person or organization to request your information, and when you’d be better served to politely refuse to give out your social security number, bank account, or identification information. Below are some examples of common scenarios and locations where you may be requested to share your PII and an analysis of whether the information is really necessary.
The Doctor’s Office: The idea that you have to share your social security number or driver’s license number at your medical professional’s office is one of the most common misconceptions amongst the public today. After all, there it is right at the top of their very professional looking sign in document; A block of space requesting your Social Security Number.
Here’s the thing: in the vast majority of cases, a social security number is not necessary for your Dr.’s office to have on file. If you have medical insurance the insurance number and group number combined with your name and contact information is sufficient for them to process your method of payment and establish a medical record. Usually if you inform them you’re uncomfortable giving out your PII or you simply leave the applicable spaces blank they will simply say “OK” and process your paperwork without it. If they insist upon collecting your SSN, ask them what specific purpose they need it for? Additionally, it’s wise to inquire as to their procedures for storing sensitive information. Will your info be stored on a computer or in a hard file? Who has access to the information? What sort of e-security do they have if they will be storing your information on a computer? These are all important things to understand before you leave your personal information in the hands of a stranger. If they are unable to answer your questions to a satisfactory level you can always inform them that by law they cannot require you to give out your PII.
Job Interviews: This one can be a bit tricky because at some point an employer will need a new employee’s PII, including but not limited to your Social Security Number. So when is the appropriate time to share that information? Especially in today’s digital world this question is an important one.
As a general rule of thumb you should never give out any PII to someone you haven’t actually met face to face and shook hands with. The job interview process in 2013 often starts online, but eventually it should progress to phone conversation and then a face to face meeting. PII is appropriately requested by an employer when you are approaching the end of the hiring process. That is: you’ve had several interviews, both parties clearly have some level of interest moving forward and hiring at some level seems imminent. To process your paychecks and taxes and related HR issues, an actual employee will need to produce his or her PII.
It is not appropriate for the employer to send you an application form via email after your first correspondence asking you for PII before you’ve even identified who it is you’re actually talking to. PII is not necessary to conduct any part of the interview process prior to background checks and credit scores, and again, the appropriate time for that conversation is after several communications and at least one face to face meeting with your potential employer. Be wary of jobs posted online that seem too good to be true. Making 5,000 dollars a month just for receiving and shipping packages, for example is likely a re-shipping scam. No legitimate employer will pay you just to cash checks either.
The Department Store: Those of us who like to shop can be somewhat easily enticed by offers of significant discounts through signing up for a store credit card. While a store clerk is completely on the straight when they ask you to fill out the application for credit to become a member, it’s important to consider the risk before providing them the PII they require to open a line of store credit. Much in the same line of thinking as at the Dr.’s office you want to get a feel for how seriously they take security before you give them your information. Ask them how and where that information is stored, and who has access to it. Only after you’re satisfied they give due consideration to the safety of your PII should you consider filling out their application for credit. Weigh that risk against the convenience or amount of savings you’d miss out on by paying for your purchases with a non-store credit method.
You must remember that it is impossible to completely prevent identity theft. You have to give out your PII for some purposes and often once you do that, you are no longer in control of how that information is protected. However, using these tips will help you minimize the places you have to trust with your PII.
"Do They Really Need Your Information?" was written by Matt Davis. Matt is Director of Business Alliances at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.