For the record, background checks don't make me any happier than security checks at the airport. Neither of them really tells you anything that isn't obvious and both are invitations to discriminate.
To answer Nate's question below, security is an issue in the same way it is for your other services. This should be addressed in your terms of service, if they don't already cover them. Is there potential liability? Of course. It is somewhat remote, but it isn't non-existent. Signing a waiver isn't a cure-all, either. You can't always waive your own negligence, recklessness, or intentional acts. A court could find any waiver you sign to be ineffective. Having disclaimers/waivers (in your terms of service or elsewhere) is a good idea, but should not be viewed as something ironclad. Happy to discuss with Nate or anyone else in detail off-list. Doug -----Original Message----- From: Af [mailto:[email protected]] On Behalf Of Ken Hohhof via Af Sent: Monday, October 06, 2014 10:04 AM To: [email protected] Subject: Re: [AFMUG] Efax and Security <rant> Oh, right, background checks. That's why I stopped being a Cub Scout leader, volunteering with my kids choir group, etc., the assumption that any guy who volunteers to work with kids must be a pervert or prove otherwise. That and the helicopter parents who feared that the little Cub Scouts would experience something dangerous like how to care for a pocket knife or use a soldering iron or a tour of the village police department and jail. Meanwhile Dennis Rader the BTK killer was an ADT alarm installer, Cub Scout leader, and a deacon of his church. But those background checks make the lawyers happy. </rant> -----Original Message----- From: Nate Burke via Af Sent: Monday, October 06, 2014 9:51 AM To: [email protected] Subject: Re: [AFMUG] Efax and Security The reason that It popped into my head is that I'm working with running background checks for people that work with the kids at our church. I have physical copies of the forms people filled out with all kinds of personal information, so I was like, I'll just scan them and email them into the church office for processing. Then I decided that sending info like that via email probably wasn't a good idea, so I should fax them. Then I realized that it's basically the same thing since all my faxing is through email. So that got me thinking, how would I know if my personal information is just being sent out via a plain email on the receiving side? If something were to happen, do we have have any liability for not making it 'secure' or do we need to be telling customers up front that the security is only as good as email, and have them sign a wavier that we don't get sued if their email is hacked and peoples identities are stolen? On 10/6/2014 9:33 AM, Ken Hohhof via Af wrote: > I use Ring Central for eFAX, and you can send from an application on > your computer and read messages via a password protected HTTPS site. > So you don't have to use email. You could, for example, have an email > alert you to a FAX but not attach a PDF. I just have it email the PDF > though. Who cares if someone sees the junk FAX messages I get for cruises > and roofing. > I don't think I've received a real FAX in 3 years. Maybe 2-3 times a > year someone wants me to send them a FAX, but at their end I assume it > is going to an actual FAX machine. Unless it is going to the shared > multifunction copier and everyone sees it or picks it up by mistake. > I think the illusion that FAX is secure is just that, an illusion. > > There also appear to be secure eFAX solutions that are probably more > secure than traditional FAX machines: > > http://enterprise.efax.com/online-fax-services/secure-fax > > > -----Original Message----- From: Nate Burke via Af > Sent: Monday, October 06, 2014 9:11 AM > To: Animal Farm > Subject: [AFMUG] Efax and Security > > So I'm asking the question before one of my customers asks it of me. > Faxing has always been a "secure" transport medium, someone could > intercept your fax only if they had a wiretap running on your phone > line. With Efax services where everything is done via Email (I use > the Voip Innovations Efax Service), are there more security > concerns/risks since everything is just emailed in the clear? We've > always told people, don't put your SS# or CC# in an email, but if they > go to fax a credit app or a payment authorization slip through the > email to fax service, isn't that the same thing? I know someone is > going to bring this up one day, and I want to make sure I have an > answer ready to go for them. > > Nate Doug Hass Associate 312.786.6502 Franczek Radelet P.C. Celebrating 20 Years | 1994-2014 300 South Wacker Drive Suite 3400 Chicago, IL 60606 312.986.0300 - Main 312.986.9192 - Fax www.franczek.com Circular 230 Disclosure: Under requirements imposed by the Internal Revenue Service, we inform you that, unless specifically stated otherwise, any federal tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purposes of (i) avoiding penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction or tax-related matter herein. ________________________________________ For more information about Franczek Radelet P.C., please visit franczek.com. The information contained in this e-mail message or any attachment may be confidential and/or privileged, and is intended only for the use of the named recipient. If you are not the named recipient of this message, you are hereby notified that any dissemination, distribution, or copying of this message or any attachment thereto, is strictly prohibited. If you have received this message in error, please contact the sender and delete all copies. ________________________________________ Franczek Radelet is committed to sustainability - please consider the environment before printing this email
