Identity Theft Prevention and Identity Management Standards Panel
Frequently Asked Questions
What is the Identity Theft Prevention and Identity Management Standards Panel?
The Identity Theft Prevention and Identity Management Standards Panel (IDSP) is
a cross-sector coordinating body whose objective is to promote and coordinate
the timely development of voluntary consensus standards and guidelines that
will equip and assist the private sector, government and consumers in
minimizing the scope and scale of identity theft and fraud.
Why was the IDSP created?
Identity theft and fraud have become widespread marketplace issues affecting
millions of Americans and costing business and government billions of dollars.
The IDSP was created to provide solutions-oriented resources for all those
affected by the threat of identity theft and fraud. Standards panels have
proven to be successful models for working quickly to develop standards-based
solutions to critical national priorities by facilitating participation from
the full range of affected stakeholders.
Who founded the IDSP?
The Panel was co-founded by the American National Standards Institute (ANSI)
and the Better Business Bureau (BBB) to leverage ANSI’s unique expertise as
coordinator of the U.S. standards and conformity assessment system and BBB’s
extensive experience in advancing trust in the marketplace. Nine leading
corporations from a cross-sector of industry joined in this initiative which
was formally launched on September 13, 2006.
What has the IDSP accomplished?
In the first phase of its work, the Panel produced a single, comprehensive
resource of standards and guidelines that businesses, government agencies and
other organizations can use to protect themselves and their customers against
identity theft and fraud in just over 16 months. Panel members considered the
entire life cycle of identity management: from the issuance of identity
documents by government and commercial entities, to the acceptance and exchange
of identity data, to the ongoing maintenance and management of identity
information. In addition, hundreds of documents – including applicable laws,
regulations, proposed legislation, white papers, and research studies and
reports – were catalogued. The ANSI-BBB IDSP Report, released January 31, 2008,
is a resource for businesses, government agencies, and other organizations in
the fight against the theft of personal and financial information
[see related article
Recognizing that this issue remains an ongoing national priority, phase two of the Panel’s work was launched in May 2008, with ANSI as the sole administering organization. In October 2009, the IDSP released two workshop reports: one,
outlining best practices for measuring identity theft [see
related article]; the other, calling for a national identity verification standard [see related article].
The IDSP, in partnership with The Santa Fe Group’s Shared Assessments Program and its Healthcare Working Group, and the Internet Security Alliance,
co-administered the “PHI Project” which culminated in the release of a report in March 2012 on the financial impact of breached protected health information (PHI).
The report is designed to help healthcare industry stakeholders entrusted with safeguarding PHI to understand the potentially devastating repercussions
of a PHI breach and to provide them with a methodology for determining an appropriate level of investment needed to
secure PHI [see related article].
The IDSP periodically has convened plenary meetings which provide an opportunity for information-sharing,
discussion and networking on current or proposed work items.
Who participates in the IDSP?
Participation is open to any affected stakeholder. Participants have included
representatives of the business community and relevant trade associations,
vendors of identity theft protection services, information security
specialists, industry analysts, government issuers and regulators, standards
developing organizations, consumers and public interest groups, and academia,
providing a range of perspectives.