Robert Siciliano Identity Theft Expert
In a Washington state hospital, during check in, a patient had gone though the administration process and was asked numerous times by numerous people his Social Security number. A familiar process many of us have endured. With all the buzz in the news about identity theft this patient became concerned about all the various people having access to his personal identifying information and had requested the facility remove his Social Security Numbers from their records.
What happened next led to a strong disagreement between him and the facility. They refused, he put up a stink, and he was ejected from the hospital. His request was considered unreasonable by the hospital and their rules and regs ultimately led to his ejection. Soâ€¦whoâ€™s right and whoâ€™s wrong?
Years ago, on a Saturday afternoon I was with my spouse in a major chain that rents videos. Without naming them, letâ€™s just say they rent some block buster videos. The account was under her name. She didnâ€™t have her card with her that day. Upon checkout the pimply faced 17 year old clerk said â€œno problemâ€ and asked her for her Social Security number. Which was right in front of him on his screen. In response I freaked out. And was ejected from the store. Soâ€¦whoâ€™s right and whoâ€™s wrong?
In both cases the customer is wrong. Maybe not the answer you were expecting. I was wrong and the patient was wrong.
In general routine information is collected for all hospital patients and includes name, address, date of birth, Social Security number, gender, and other specific information that helps them verify that individual’s identity and insurance enrollment and coverage data. And due to federally mandated laws like HIPPA, they are careful to maintain confidentiality of all patient information in their systems.
In the case of corporations such as banks, credit card companies, automobile dealers, retailers and even video rental stores who grant credit in any form, they are going to ask for includes name, address, date of birth, Social Security number, gender, and other specific information that helps them verify that individual’s identity and do a quick check on your scores to determine their risk level in granting you credit.
Over the past 50 years the Social Security number has become our de-facto national ID. While originally developed and required for Social Security benefits. The â€œfunctionality creepâ€ occurred. Defined as what occurs when an item, process, or procedure designed for a specific purpose ends up serving another purpose for which it was never planned to perform.
Here we are decades later and the Social Security number is the key to the kingdom and anyone who accesses yours can become you and both a hospital setting and in a bank.
So what do you do when asked for your Social Security number? Many people are refusing to give it out and quickly discovering a number of hurdles they have to overcome in order to obtain services. Most are often denied that service and from what I gather there is nothing illegal about any entity refusing service. Most organizations have something in their TOS, â€œTerms of Serviceâ€ that you sign when agreeing to do business with that organization that allows them access to this type of data.
The overall purpose of acquiring this data is so they can protect themselves. This way they have made a concerted effort to identify those who they are granting access and there is a degree of accountability. Otherwise any Tom Dick and Harry would just pose as anyone at any time, anywhere and there would be no accountability at all any time, any where.
So where does this leave us? We have previously discussed in this blog â€œIdentity Proofingâ€ and how flawed our systems of identifying us are and a glimpse into how we can tighten up the system. But we have a long, long way to go before we are all securely and effectively identified. So in the meantime we have to play with the cards we are dealt if we want to participate in society and the services that it offers. So Giving up your Social Security number is going to continue for the time being. The cats out of the bag.
I give up mine often. I donâ€™t like it, but I do things to protect myself, or at least reduce my vulnerability.
Things you can do
Refuse to give it out; this may lead to a denial of service or a request that you the customer jump through a series of hoops that are less than convenient in order to be granted services. Most people when faced with either option throw their arms in the air and give out their Social Security number.
Invest in an identity protection plan; there are dozens of companies offering a variety of services that do different things to protect you. Some monitor, do fraud alerts, credit freezes, restoration or sweep the net looking for your data. Iâ€™m working with Intelius Identity Protect and like them. Secure and cost effective.
Do it yourself identity protection; Get yourself a credit freeze and learn how to do it here. Or set yourself up with fraud alerts and learn how here. Otherwise continually sweep the Net using Google News Alerts and do everything you can to protect yourself social media identity theft here.
Robert Siciliano identity theft speaker discussing the ubiquitous use of Social Security number here