Home > Blogs > Texas > Dallas County > Dallas > Protecting Personal Information

Mary Beth Harrison's Blog

By Mary Beth Harrison | Agent in Dallas, TX

Protecting Personal Information

Most companies keep sensitive personal information in their files—names, Social Security numbers, credit card, or other account date—that identifies customers or employees.


This information often is necessary to fill orders, meet payroll, or perform other necessary business functions. However, if sensitive data falls into the wrong hands, it can lead to fraud, identity theft, or similar harms. Given the cost of a security breach—losing your customers’ trust and perhaps even defending yourself against a lawsuit—safeguarding personal information is just plain good business.


A sound data security plan is built on 5 key principles:


  1. Take stock. Know what personal information you have in your files and on your computers.


  1. Scale down. Keep only what you need for your business.


  1. Lock it. Protect the information that you keep.


  1. Pitch it. Properly dispose of what you no longer need.


  1. Plan ahead. Create a plan to respond to security incidents.


Use the checklists on the following pages to see how your company’s practices measure up—and where changes are necessary.


Effective data security starts with assessing what information you have and identifying who has access to it. Understanding how personal information moves into, through, and out of your business and who has—or could have—access to it is essential to assessing security vulnerabilities. You can determine the best ways to secure the information only after you’ve done traced how it flows.


  • Inventory all computers, laptops, flash drives, disks, home computers, and other equipment to find out where your company stores sensitive data. Also inventory the information you have by type and location. Your file cabinets and computer systems are a start, but remember: your business receives personal information in a number of ways—through websites, from contractors, from call centers, and the like. What about information saved on laptops, employees’ home computers, flash drives, and cell phones? No inventory is complete until you check everywhere sensitive data might be stored.


  • Track personal information through your business by talking with your sales department, information technology staff, human resources office, accounting personnel, and outside service providers. Get a complete picture of:


Ø  Who sends sensitive personal information to your business. Do you get it from customers? Credit card companies? Banks or other financial institutions? Credit bureaus? Other businesses?

Ø  How your business receives personal information. Does it come through a website? By email? Through the mail? Is it transmitted through cash registers in stores?

Ø  What kind of information you collect at each entry point. Is it in a central computer database? On individual laptops? On disks or tapes? In file cabinets? In branch offices? Do employees have files at home?

Ø  Who has—or could have—access to the information. Which of your employees has permission to access the information? Could anyone else get a hold of it

Copyright © 2014 Trulia, Inc. All rights reserved.   |  
Have a question? Visit our Help Center to find the answer