To determine how well my state helps protect me against identity theft, I look at what other states have done. New Hampshire is one of the few states that are leading the way on identity theft protection for consumers. According to the Security Bytes blog:
"There are a few states that demand that organizations that suffer security breaches that compromise customer data report those incidents to the state as well as the affected individuals. One of those forward-thinking states is New Hampshire, and the state has gone a step further and decided to post to its Department of Justice Web site all of the notification letters it receives. The archive only goes back to November 2006 right now and includes a few dozen entries, but that will grow as more companies are breached."
At the NH site, you can view IBM's data breach notification dated April 26, 2007; more than two months after the February 2007 data breach incident. I received IBM's notification in May 2007, and my letter didn't even have a date printed on it. Is that how a world-class computing and software company operates?
Congrats to New Hampshire and to its citizens! I look forward to similar efforts by Massachusetts and other states. Does your state post data breach notification letters online? If so, tell us below. I've Been Mugged readers want to know.
Next entry: Opt-out Resources for Consumers