<p>After two kids who didn't have any colleges utilizing IDOC, now S3 has 2 that utilize IDOC. After going through a breach at my bank last year with our accounts and having to close and open all new accounts and all that hassle, I'm not feeling confident with sending hard copies of tax forms, copies of W-2s and whatever else those institutions are going to require to a third party. Does anyone block out identifying information when they send confidential paperwork to IDOC? At least with a college you KNOW where that info is going and if there's a problem you can pinpoint potential sources. I'm thinking there is no reason NOT to create pdfs and black out anything but our last name. (No addresses, social security info, bank names, brokerage house names, all that stuff that comes into your tax forms)....really all they need is the numbers to confirm what you put in the Profile and most all of the info is redundant with the FAFSA info which is verified now against your taxes. What is the consensus here on that regard? I've been dreading this now that I've gone through what I went through and become so paranoid about how fast and loose information can be accessed.</p>
<p>If you can do without the potential aid, then fine. Them’s the rules. I had to send my W-2s to my son’s college to get PLUS money, and the the person working the case is someone that knew my other son from years ago. So much for privacy. My neighbor works in records at the medical center where we tend to go. And a friend of another son now has a job at my local bank branch.</p>
<p>No, I’m not saying I won’t send them… I’m wondering about blacking out information that is not needed or essential but could potentially be enough to create a identification theft again. I’ll never feel as safe today as I did prior to the events of a year ago and i will always be very cautious about giving people the minimal amount of information they need.</p>
<p>Name, address, soc sec num are the identifiers the colleges probably use as they receive all the documents and have to file them appropriately. Brokerage firm name they can prob live without, bank name too, but if you black out anything they deem important, don’t be surprised if you are contacted and asked to send the info again.</p>
<p>Since the point of sending the W2 is to verify it’s your information, it’s kind of vital to have the SSN show on the W2. In terms of security, yes you will be sending to a third party, but you will only send it through the mail once, rather than multiple times. That’s kind of the point - only one copy of these documents goes through the mail, rather than several. I wouldn’t worry as much about the staff at IDoc as I would about the chain of people handling it as it goes through the mail.</p>
<p>Really they should be compiling all information under the IDOC student ID number. All I presume they are doing is verifying the information on the Profile. They really don’t need my soc number or my husband’s soc number or our addresses or institution names. They don’t need my other two kid’s soc numbers (which are on tax forms). It bothers me that they require paper but talk about the security of their website and how they “key enter” information…that means they are taking paper and turning it into electronic documents somehow to get it to multiple colleges. And they are gathering information that is already existing within the FAFSA and their new matching system. I don’t understand why the process would be that way and it really bothers me. I don’t mind giving information, I’m simply not comfortable with this process. All those documents can be scanned and sent via a secure website and not photocopied and sent by certified or registered mail or FedX. We’ll see what the IDOC e-mails say they want when the e-mail comes in February, I’m probably just more aware since I finished Profile again and those 2 IDOC colleges are sending off warning signals in my brain. If I feel the least bit uncomfortable by what and how they are asking for stuff they already have, I guess i can e-mail the finaid offices and tell them I’m going to black out any personal identifying information and label everything with the College Board personal ID number for my son and his social security number. If you ever found out your bank account was emptied you’d be nervous, too about where and when you give personal identification information. I own a super strength shredder now just for all the mail, old ATM slips, and ‘stuff’ that I used to “toss” into the garbage without a thought.</p>
<p>momof3, I hope you come back and post the response you get from the colleges. I understand your concern regarding identity and the security of your financial information. It made me uncomfortable too. But, I think I will be surprised if they accept documents with information that has been blacked out. Good luck. Let us know how it turns out.</p>
<p>Will do. College Board should have no say in it if in fact all they do is collect and pass through (and rekey) data to the colleges. It’s really the 2 colleges I need to ask if the IDOC e-mail and IDOC instructions look unsafe to me. As I said the on-line Profile I have experience with, but never this IDOC service.</p>
<p>I am bothered by the IDOC process as well. Why do these schools feel the need to pay College Board for this service when they have the FAFSA with it’s IRS-direct data retrieval? It’s all the SAME information. Putting students and families at increased risk for identity theft should most certainly be a concern. Copies of forms through the mail (all addressed to IDOC…) and more copies on IDOCs “secure” server (too many stories in the news over the past few years regarding breeches to other “secure” data). I wish we would hear from some college financial aid offices regarding why they really believe it is worth the added expense and associated risks.</p>
<p>My husband’s uncle was so upset about the invasiveness of the financial aid process that he refused to fill out the forms. So his kids got no aid. limiting them terribly. To this day, they resent and blame him for their ordeal in getting any higher education. So there are people out there who feel strongly enough about this that they end the process right there. Though you can ask, I don’t think you will be able to black out identifying info. Let us know if they permit you to do so. And yes, it is a valid concern you have and a risk all of us take when we give out this info.</p>
<p>FYI, Collegeboard keeps the scans of your financial information for 2 years, according to their website but they don’t tell you that they keep the scans for 2 years. I could not “get them”’ to tell me that when i phoned and asked, I had to look through the marketing materials they use to sell the service to colleges. They could not or would not answer lots of questions I asked. The woman kept saying ‘well lots of people do this’ and “you aren’t the first person who has said these things to me.” Well duh. They tell you that they “destroy” the paper copies right after processing…which is because they are basically scanning and keying information and creating pdfs that they post to a website for colleges to access and that they hold for two years on a web server. Just keep yourself safe if you use this. For example the colleges don’t need your children’s social security numbers if they are dependents on your tax form, they can verify number of dependents on FAFSA. They don’t need your account numbers if you submit 1099s, they want to know how much is in the account. Just like they said on NYPD Blue, “Just be safe out there.” I just sent the one college that actually uses IDOC an e-mail today because I’d really rather not use that “service” so I’ll add what the response was if I hear back from them.</p>
<p>Whataprocess - I agree with your point about all these forms being mailed addressed to “IDOC.” Pretty obvious for takeaway of mail?</p>
<p>Here’s my sleepless nights now: mailed IDOC package Priority Mail with tracking service. Item shows it left a mail facility 3 days ago and that’s the final entry. It should have been delivered already and is somewhere in missing postal land!!! Called post office where I am informed that it has to be late by 5 business days before they will investigate missing piece of mail???</p>
<p>Anyone wonder why the post office is bankrupt is this is their delivery model? Tracking showing something left the facility…gee thanks - so helpful, NOT!! I will give it their required time, and then have to re-send the sensitive info again. </p>
<p>There has to be a safer, more secure, and better way given all the privacy concerns and identify theft concerns.</p>
<p>The business model for IDOC is almost extinct. They receive paper, put it through a scanner and make pdfs for the colleges. So what could be a one-step process becomes a three step process: parents/students make copies of their info, mail to IDOC, IDOC puts paper through a scanner to make pdf, stores pdf on a website for access by colleges who pay for this. Pretty archaic and plenty of touch points for identify theft. Almost every modern copier is a scanner. Parents could just as easily get scans of their documents and upload to the college’s secure website…now we have to make copies, drive to a post office, and mail and the colleges pay College Board. Plus College board has made no investment in Profile to allow for those families that have to file with estimations for ED or some EA schools have no ability to go in and update their information in Jan/Feb when they have more accurate numbers and college spend time making manual comparisons to the actual documents. Hah. The whole College Board financial system is a dying dinosaur without some system innovation. The last holdout of “paper records”, the healthcare system, is wrenching itself quickly toward paperless. Profile and it’s kissing cousin IDOC are on life support at best. </p>
<p>At worst, they and the colleges that use the services are wide open to lawsuits if anyone’s identity is stolen. I can’t think of one non federal institution (except collegeboard) that uses people’s social security numbers as ID. Even the colleges aren’t as foolish to do that and give every applicant an ID number. IDOC gives you a “number” but they don’t ask you to put that number on he documents…they ask you to put social security numbers on the documents. It’s a nightmare just waiting to happen from a security perspective and they have their heads in the sands. They have not changed one procedure since my oldest went through the process in 2006…and as a digital marketing strategist I thought they were behind the times then in terms of process and security.</p>
<p>Momofthree, I have absolutely no confidence in the security of any of those who are getting private info. I cringe a the abuse and carelessness I see in that area. I don’t know a thing about IDOC, but if it s like anything else, yes, the risks are there.</p>
<p>I’m not really on any crusade but the process is truly archaic.</p>
<p>They could move to a model where you scan everything and send it via the internet, but would that be any more secure? I’m more confident of my information going through the mail than I am of it passing through however many servers are necessary before it gets to theirs. No matter what encryption you use, someone can break it, and there would be copies of your information for who knows how long on all those servers, waiting for someone to hack.</p>
<p>I don’t know the model used by the College Board when the documents are forwarded to the colleges (could be over the internet, it could be a virtual private network, or it could be a direct dail-in system. But I can’t imagine a system where the general public can upload documents in this volume, outside of the internet, that could handle the traffic. And even then, can you imagine the network traffic it would generate?</p>
<p>Can you imagine the denial of service issues on certain common deadlines? It’s bad enough dealing with slow servers for the common app near certain common deadlines - those are at least spread out more. Not to mention the possible phishing emails encouraging people to upload to the wrong sites.</p>
<p>Actually I envision a model without the usps, a post officebox and scanners (and consequently multiple points of potential theft). Content arrives at a web server encrypted and moves to a secure data environment within an organization and unencrypts. That model occurs with regular frequency these days.</p>
<p>Mom of 3 boys - regarding all the financial documents we have to submit to colleges…I could not agree with you more about lack of security with all our sensitive financial data. Can you share here your experience past year? (consequence of blacking out SS#, did you receive any aid, etc.) We live abroad and I am clinging and dreading this process with one week deadline lurking to submit our material - we will be paying expensive postage to multiple colleges and probably won’t get any aid anyway…Is this worth it??</p>