fbpx

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
Motorcycle & powersports news
Motorcycle and powersports content for dealers, professionals and enthusiasts
Business Management

Identity Crisis

Have a written plan in place for securing data and responding to a security breach.

Avatar
By Rod Stuckey
Published:

During a recent business trip to the United Kingdom, I found it interesting that the restaurant servers would bring portable credit card readers to the table. I felt a little pressured to leave a tip with them standing beside me (until I found it was included) so I mentioned it to another customer. He laughed, and said, “yeah, back in the U.S., the servers leave with your credit card and steal all of your information before returning to your table don’t they?” We both chuckled, but it made me wonder if that was the purpose of the system. Have you seen the LifeLock commercials were the CEO is providing his personal social security number to millions of viewers? Identity theft has become so prevalent in the United States that millions of Americans are paying companies a monthly payment to services such as LifeLock who will guarantee to protect your identity. When I first heard of this type of service years ago, I thought that anyone who increases their monthly overhead for a preventive measure like this must have more money than sense. Then, my sister-in-law had her identity stolen, and I was able to see firsthand what a nightmare she experienced. My neighbor had some checks stolen from his mailbox, my co-worker had her identity stolen and the list goes on and on. It has hit so close to home that I’m taking preventive measures. In fact, according to the Federal Trade Commission, losses from identity theft cost billions of dollars to both individuals and businesses each year.

Related Articles

So what does this have to do with the powersports industry, you ask? Well, if you’re a dealer, you could have a lot at stake. I know this isn’t as fun as talking about the new ’09 models just released, but stay with me. Effective November 1, 2008, dealerships, retail outlets, lenders and other businesses who handle both customer and employee personal information will have to comply with the Safeguards Rule, which went into effect May 23, 2003, under the Graham-Leach Biley Act. So what does it mean to comply? And how can there be a hard deadline?

In order to be in compliance by November 1, dealers must have a written plan in place for securing data and responding to a security breach. According to the FTC website, the FTC is authorized by Congress to impose penalties of up to $11,000 per violation, per day. To try and make some sense of this formal talk, let’s translate this into our terms with a couple of quick examples:

Example 1
Dealership A allows salespeople to keep track of their own customer paperwork. One salesperson continually leaves multiple credit applications and copies of customer driver’s licenses etc. out on his desk. Mr. Lowlife comes in looking at bikes. He sits down at the salespersons desk, and while waiting on the salesperson to retrieve a brochure, he decides to help himself to the credit applications that are blatantly lying around. He then uses the information to obtain lines of credit for everything from stereos to a new car. Eventually Mr. Lowlife is caught, and upon his arrest notifies authorities of the place of business whereby the information was obtained. Authorities notify the FTC, which launches an investigation only to find the very same salesperson (who never even knew the previous apps were stolen) with over 15 credit applications lying scattered about on his desk. That’s easy math at $11,000 per violation and could potentially cost dealership A $165,000 in fines.

Example 2
Dealership B hires an office assistant to help the bookkeeper with tag-and-title work. As it turns out, the office assistant is crooked and is accessing both current and previous dealership personnel files, retrieving personal data and opening credit card accounts with their information. Eventually, the person is caught, but extensive damage has been done. The word spreads to a previous employee who was never contacted and has now had his personal credit ruined. An investigation is launched and the dealership is found guilty on two accounts.

The data was found in unlocked file cabinets with little supervision, and therefore was not legally secure.

Once a security breach happens, the business is required to respond or notify any and all possible victims. This could have been proactively completed with a quick letter, but wasn’t, due to a lack of understanding of the Safeguard Rules and Privacy Act.

In this example, the end verdict could have been $11,000 per violation with 10 or more victims, equaling $110,000 in dealership fines!

Now, you may be saying, “But I can’t control the actions of my people, how can I be held liable for their negligence?” To read the letter of the law, “It is improper to assess large settlements or awards against any employer that undertakes good faith efforts to comply with employment and discrimination laws” [U.S. Supreme Court ,1999].

So take action now to get your dealership in compliance, and have a written plan in place for securing data and responding to a security breach. This topic isn’t a fun part of the business, just as with the ATV age restrictions, yet it is serious.

You May Also Like

Future of Buying Study
Digital leads
MPN talent panel, AIMExpo 2024
Business Management

How to Grow and Excel in Digital Retailing

This recorded AIMExpo education track discusses the world of digital retailing and why you need to be there.

Meagan Kusek
By Meagan Kusek
Meagan Kusek is the editor of Motorcycle & Powersports News. Since 2016, she has been covering various aspects of the B2B automotive markets, including professional carwashes, auto dealerships, motorcycle/powersport dealerships and collision repair shops.
Published:
MPN Digital retailing panel, AIMExpo 2024

At AIMExpo 2024, Meagan Kusek, editor for MPN, moderated the marketing panel in MPN's Dealer Excellence education track. The panel consisted of Johnathan Aguero of Transax, Jason Nierman of Rollick, Mike Wyrzykowski of Blackpurl, Troy Snyder of Trader Interactive and Martine Nuera of DX1.

In this session, Kusek and the panel discuss what digital retailing is, why dealers need to be in the digital space and how they can excel there. The panel relates how the digital user experience has changed, how to manage digital leads, best digital retailing practices and even how artificial intelligence (AI) might affect dealers in the future.

Read Full Article

More Business Management Posts
NPA Pre-Owned Market Update: February 2024

Average wholesale prices continue to improve, reflecting dealer sentiment and demand for pre-owned.

By Jim Woodruff
National Powersport Auctions, NPA, Market Report
Establishing the Right Pay Plan for Your Dealership’s F&I Team

In an industry where skilled F&I professionals are in high demand, an attractive, fair and equitable pay plan becomes a key tool.

By JD Baker
Motorcycle dealership F&I
Maximize Every Sale With F&I and PG&A

This recorded AIMExpo education track discusses how the bike is just the start of the sale.

By Greg Jones
MPN F&I panel, AIMExpo 2024
Elevating Your Sales Game Through Parts Packaging

Breaking down the art and science of a well-designed, customer-focused, profit-friendly parts package.

By Maggie Stevens

Other Posts

Unleash Your Experts: How to Be a Long-Tail Resource for Powersports Enthusiasts

Closing deals and providing service are a dealer’s bread and butter, but your dealership has far more to offer.

By Susan Medrano
dealership employees
Building a Growth Stategy With a Powersports Playbook

Success isn’t a fluke, and it’s not luck. It’s a strategy.

By Maggie Stevens
Fostering an F&I Culture That Sells

Dealership success hinges on the ability to cultivate a strong F&I culture.

By JD Baker
Increasing Profits Through Accessorizing

Go out and find the units to dress up — there’s lots of extra profit to be made.

By MARQ Smith