skip navigation


Abstract Database

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

To download this abstract, check the box next to the NCJ number then click the "Back To Search Results" link. Then, click the "Download" button on the Search Results page. Also see the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.


NCJ Number: 207289 Find in a Library
Title: Identity Theft: The U.S. Legal Environment and Organisations' Related Responsibilities
Journal: Journal of Financial Crime  Volume:12  Issue:1  Dated:August 2004  Pages:33-43
Author(s): Gregory J. Gerard; William Hillison; Carl Pacini
Date Published: August 2004
Page Count: 11
Type: Issue Overview
Format: Article
Language: English
Country: United Kingdom
Annotation: This paper discusses an organization's responsibilities in mitigating opportunities for identity theft, and it presents guidelines for implementing and assessing controls that address the risk for identity theft.
Abstract: "Identity theft" is defined as "the criminal act of assuming the identity of another person with the expectation of gain." In addressing the prevention of identity theft, this paper focuses on organizations that collect, assemble, process, store, and retrieve information about individuals. Attention is given to the legal and moral responsibilities, risks, and related internal controls in the management of personal information on an organization's customers, employees, and other stakeholders. Following the documentation of identity theft as one of the most pervasive of the financial crimes, the authors outline some of the methods used to commit identity theft. A section then reviews selected laws that apply to identity theft. A discussion of civil liability for identity theft notes that victims are increasingly targeting third parties, including employers and other record-keepers, for failure to protect victims' personal information. It is therefore imperative that organizations which manage personal information evaluate their risks and controls for identity theft. Guidelines for enhancing manual controls recommend controlling the paper trail and destroying outdated records. Employee controls suggested are the institution of effective background checks, mandatory vacations, establishment of a hotline, and the development and enforcement of an information security and privacy policy. Computer controls include the prevention of unauthorized access, keeping identity data confidential, and controlling electronic data storage. Finally, the authors advise organizations to consider insurance as a risk-management tool. 64 references
Main Term(s): Criminology
Index Term(s): Business records; Business security; Civil liability; Confidential records access; Identity Theft; Legal liability; Records management; Security systems; United States of America
To cite this abstract, use the following link:

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.