Organizations (including private companies, nonprofits, and government entities) should clearly communicate:
Policymakers should protect against the misuse of data, including:
Policymakers and the private sector should ensure that organizations effectively protect against unauthorized access to or misuse of consumers’ personally identifiable information
Organizations must effectively inform consumers about how their PII is secured and what actions will be taken in the event of a security breach.
Companies, government agencies, and individuals should protect the unauthorized use, display, collection, and sale of SSNs.
Federal policymakers should strengthen protections and enforcement against identity theft.
Occupational regulation should enhance consumer health and safety and provide consumers with meaningful benefits.
States should require that home improvement contractors be licensed, insured, and bonded.
States should require written home improvement contracts and specify required and prohibited contract provisions.
States should ensure consumers have adequate redress in the event of fraud.