Pub. 3 2013 Issue 1

15 Customer Privacy Policies Can Help Ward Off Wrongdoing BY JOHN COMUNALE , CPA A n Arizona dealership learned the hard way about privacy practice deficiencies. When police pulled over the finance manager for a routine traffic violation, they discovered a stack of sales contracts that fueled an identity theft ring. Turns out, the manager stole credit card and driver’s license numbers from about a dozen of the dealership’s customers. He also stole nearly $30,000 in Lowe’s and Best Buy gift cards through the dealership’s sales in- centive program. The manager is now serving a 10-year sentence for his crimes, but what could the dealership have done to prevent this impropriety in the first place? Background checks Background checks on prospective employees obvi- ously protect against identity theft. You need to check not only for criminal records, but also obtain credit reports and require drug tests for employees with direct access to sensitive information. Financial distress and drug habits can provide motives to steal. Also ask for references and follow through with phone interviews. Once you’ve hired someone, ex- plain your privacy policies and provide regular com- pliance training. In the Arizona case, the finance manager had a criminal record — burglary, credit card theft and drug violations — that was overlooked because he was a “rainmaker,” earning more than $200,000 through commissions. He also had been employed by area competitors, and they might have clued the store into the manager’s suspicious reputation. Q Privacy Policies — continued on page 16