The American National Standards Institute (ANSI) and the Better Business Bureau system (BBB) today announced a partnership with a cross-sector team of high profile companies to create a single resource of standards and guidelines that businesses and other organizations can use to prevent and respond to identity theft and fraud. The nine founding partners that have joined ANSI and BBB in this effort are AT&T, Citi, ChoicePoint, Dell Inc., Intersections Inc., Microsoft, Staples, Inc., TransUnion and Visa U.S.A.
The initiative, called the Identity Theft Prevention and Identity Management Standards Panel (IDSP), leverages ANSI’s unique expertise as coordinator of the U.S. standards and conformity assessment system with BBB’s extensive experience in advancing trust in the marketplace. The panel’s membership will include participation from the full range of affected stakeholders.

“More than 18 million Americans have been the victims of identity-related fraud over the past two years, crossing all aspects of their personal and financial life, said S. Joe Bhatia, ANSI president and CEO. “It’s time that a coordinated assessment was made of the standards and other solutions that the marketplace has developed, or needs to develop, to address this problem and to make the results widely available.”

The IDSP will have two main charges: First, it will endeavor to identify and catalogue in one place any existing, broadly-applicable identity theft and fraud prevention standards and guidelines. Second, it will identify areas where updated or new standards are needed. The panel’s recommendations for revised or additional standards shall serve as a call to action for further work by the standards development community.

“Securing and protecting sensitive personal information is crucial for businesses wanting to earn customer trust,” explained Steven Cole, BBB system president and CEO. “By identifying, reviewing and making available the relevant standards and guidelines, we will be giving businesses a toolkit that will help them deliver on their responsibility to protect the data of their customers, partners and employees.”

Issues to be explored by the IDSP include managing access, storage and disposal of customer and employee data, personnel qualifications and training for the handling of sensitive data, criteria for selecting data contractors, and recapturing and restoring the integrity of stolen identities.

An aggressive timetable of 12-18 months has been set for the Panel to produce a comprehensive, cross-sector set of requirements and best practices that can help any organization protect the confidential personal data of its employees and customers.