What’s Considered Confidential?
For clients, confidential information covers any and all information you have on the client including names, addresses, email addresses, social security numbers or tax identification numbers, credit report information, bank account or credit card information and anything else you collect in order to maintain a business/client relationship.
For employees, confidential data means employee records that contain the employee’s personal information, medical information or data related to hiring, firing, warnings, payroll information and disability or workman’s compensation payments.
Keeping Data Confidential
The best way to keep client and employee data safe, and to keep your business out of trouble, is to limit access to that information to the business owner and perhaps one other person. This matters most when the information is accessible through the Internet.
Internet security and confidentiality are essential in today’s world of identity theft, online fraud and the Federal Trade Commission’s Red Flag Rule. With more and more businesses running operations remotely, confidential information could be hacked without your knowledge when your network is accessed.
If Internet security and confidentiality issues mean you need to keep client and employee information safe, consider these tips:
- Passwords – Networks and individual PCs connected to networks should always be password protected with prompts set up to change them regularly and not allow the same password to be utilized over and over.
- Storing Data – Instead of relying on your network to keep client and employee data secure, consider USB drives, backup systems and other storage avenues that are separate from the network or PCs.
- Vaults – Some networks utilize vault systems to keep data secure. Your server administrator should be able to set you up with a vault system.
- Encrypted Data – Personal information on clients and employees including social security numbers and credit cards should only be stored as encrypted data.
- Hardware & Software Updates – Be on the lookout if your network or PCs inform you that they’ve detected new hardware or software. If you didn’t install anything, where did the hardware or software come from?
No one needs to have confidential data stolen; a theft can be detrimental to business operations and to client and employee trust, and it can create legal issues. This is the reason every business that accepts credit cards is only allowed to print a receipt that shows the last 4 digits of a cardholder’s account number, with no expiration date revealed.
The FTC’s Red Flag Rule, which will go into effect in December of 2010, requires creditors and financial institutions to follow certain guidelines when it comes to keeping confidential data safe. Keep in mind, you might not think of your business as a “creditor” or “financial institution,” but the FTC’s Red Flag Rule is more concerned with what kind of business operations you run. That is, if you do store confidential information, the Red Flag Rule may apply to your business. You can download a brochure and read more about the Red Flag Rule from its official website.
As for employee confidential information, especially when it comes to Internet security and confidentiality, check with your state’s Department of Labor, because every state has different rules on what data must be kept confidential and secure.