6 Things You Might Not Know About ‘Confidential’ Information - and Should
Are you clear about what personal and confidential information is? Everyone should be, because this is the type of data that information thieves look for.
While individuals have their own personal identification documents and paperwork, workplaces also collect, use, and store confidential information related to employees, customers, patients, residents, students, or others.
The federal government requires organizations to identify Personally Identifiable Information (PII) and Protected Health Information (PHI) and handle this information securely.
PII, which can be used to identify, contact, or locate an individual, includes name, birth date and place, mother’s maiden name, credit card numbers, Social Security number, driver’s license number and passport number. PHI is information related to health status, care, and payment.
6 Things to Know About Confidential Information
1. Confidential Information is Not Limited to Print and Digital.
Photos of the full face or recognizable features as well as biometric data, such as fingerprints, x-rays, cornea scans, voice signatures and hand scans, are all considered confidential.
2. Personally Identifiable Information Can be Used to Trace Someone's Identity.
PII is also information that can be used to trace an individual’s identity, either alone or when combined with other information linked to a specific individual.
3. Be Aware of Confidential Information Within Common Documents.
Boarding passes, shipping labels, junk mail, sticky notes, returned checks and pay stubs all contain confidential details. Corporate confidential data includes sales and marketing strategies, financial statements, intellectual property and tax information.
4. Some PII Has an Increased Risk of Theft.
Social Security numbers, credit cards, and financial information are what thieves use most often to commit fraud or identity theft. These documents need to be vigorously protected.
5. Sharing Confidential Information is More Common Than You'd Think.
In earlier research, 53% of employees had received unencrypted, risky corporate data via email or email attachments and 21% said they had sent sensitive information by email without encryption. Research has also shown that employee error accounts for about 62% of data breaches today. PII is often found on computers, laptops, mobile devices, flash drives, disks, home computers and digital copiers.
6. Privacy Laws are Getting Stronger.
Depending on the sector, different privacy laws govern how information is managed in the workplace. The European Union's (EU) new General Data Protection Regulation (GDPR), which went into effect in May 2018, strengthens individual privacy rights in several ways, including the ‘right to be forgotten’. It increases data protection compliance and enforcement and applies to any organization anywhere in the world that handles data belonging to a person living in the EU.
How to Safeguard Confidential Information
- Identify all collected confidential data - both in use and in storage.
- Create strict and enforceable policies around handling the data and remaining compliant.
- Implement layered safeguarding technology such as encryption, threat protection, data loss prevention, and policy compliance.
- Educate employees about confidential information and secure handling.
- Securely destroy all confidential data in digital and paper formats when it is no longer needed. Implement a Shred-it All Policy so all documents are destroyed.